The package vm2 prior to 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arbitrary code on the host machine.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vm2 project vm2 |