10 matches found
CVE-2026-44001 vm2: Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to crash the host Node.js process via a single Promise constructor that triggers an unhandled rejection propagating to the host. The fix for CVE-2026-22709 v3.10....
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have security vulnerabilities; these vulnerabilities stem from sandbox escape exploits, allowing...
vm2 has a Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)
Summary A sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to crash the host Node.js process via a single Promise constructor that triggers an unhandled rejection propagating to the host. The fix for CVE-2026-22709 v3.10.2 only sanitized the onRejected callback in .then and...
Uncaught Exception
Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Uncaught Exception through the Promise constructor when an unhandled rejection propagates from the sandboxed environment to the host process. An...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the jsstdpromiserejectioncheck function when iterating over the rejectedpromiselist. An attacker can achieve arbitrary code execution or cause a crash by supplying a malicious Error object with a custom property getter...
UBUNTU-CVE-2025-62491
A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...
Denial Of Service (DoS)
http-proxy-middleware is vulnerable to Denial of Service DoS. The vulnerability is due to an unhandled promise rejection error caused by micromatch, which can allow an attacker to crash the server by making requests to certain paths...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to an UnhandledPromiseRejection error thrown by micromatch. An attacker could kill the Node.js process and crash the server by making requests to certain paths. PoC 1 Run a server like this: js const express =...
Malicious code in hs-promise-rejection-tracking (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b0af78070a71081b60bcff34762e511aa3de9b02147f99ab2b69e87591f500f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3688 Malicious code in hs-promise-rejection-tracking (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b0af78070a71081b60bcff34762e511aa3de9b02147f99ab2b69e87591f500f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...