Lucene search

GitHub_MCVELIST:CVE-2022-39266

HistorySep 29, 2022 - 6:10 p.m.

CVE-2022-39266 isolated-vm has vulnerable CachedDataOptions in API

2022-09-2918:10:08

CWE-20

CWE-693

GitHub_M

www.cve.org

cve-2022-39266

isolated-vm

vulnerability

api

untrusted v8 cached data

sandbox

arbitrary code

nodejs process

9.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.6%

JSON

isolated-vm is a library for nodejs which gives the user access to v8’s Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs process. Version 4.3.7 changes the documentation to warn users that they should not accept cachedData payloads from a user.

CNA Affected

[
  {
    "vendor": "laverdet",
    "product": "isolated-vm",
    "versions": [
      {
        "version": "<= 4.3.6",
        "status": "affected"
      }
    ]
  }
]

References

github.com/laverdet/isolated-vm/commit/218e87a6d4e8cb818bea76d1ab30cd0be51920e8

github.com/laverdet/isolated-vm/commits/v4.3.7

github.com/laverdet/isolated-vm/issues/379

github.com/laverdet/isolated-vm/security/advisories/GHSA-2jjq-x548-rhpv

9.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.6%

JSON

Related for CVELIST:CVE-2022-39266