CVE-2023-29017

vm2 vulnerable to sandbox escape

Description

vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors.

‍
- vm2 version: ~3.9.14
- Node version: 18.15.0, 19.8.1, 17.9.1

### Impact
A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox.

### Patches
This vulnerability was patched in the release of version `3.9.15` of `vm2`.

### Workarounds
None.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading

Vulnerability Details

Score

9.8

Score Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Versions

vm2 < 3.9.15

Severity

Critical

Ecosystem

JavaScript

Publish Date

April 7, 2023

Modified Date

November 7, 2023