Vm2 Project: >> Vm2 >> 0.2.3 Security Vulnerabilities
The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arbitrary code on the host machine.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-02-11
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-10-18
Page 2