Lucene search
Isolated-vm Security Vulnerabilities
cve
isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs process. Version 4.3.7...
9.8CVSS
9.6AI Score
0.003EPSS
2022-09-29 06:15 PM
302
7
cve
isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to.....
9.6CVSS
9.2AI Score
0.002EPSS
2021-03-30 11:15 PM
45
2