GitHub Advisory Database: GHSA-2JJQ-X548-RHPV
History: Sep 30, 2022 - 10:59 p.m.

isolated-vm has vulnerable CachedDataOptions in API

2022-09-30 22:59:03
CWE-20
CWE-287
CWE-693
GitHub Advisory Database
github.com
isolated-vm
api
vulnerability
cacheddataoptions
bypass
sandbox
arbitrary code
nodejs
payload
documentation
warning
software

CVSS3: 9.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.003 Low
Percentile: 69.6%

Impact

If untrusted V8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the Node.js process. Version 4.3.7 changes the documentation to warn users that they should not accept cachedData payloads from a user.

Affected configurations

Vulners
Node: isolatedvm | Range: 4.3.6

CPE Name | Operator | Version
isolated-vm | le | 4.3.6
