15 matches found
CVE-2026-44000
A flaw was found in vm2 before 3.11.0. Host-side Promises that resolve to host objects deliver values to sandbox .then callbacks without cross-realm conversion ensureThis instead of from/proxy wrapping, allowing sandbox code to interact with host objects directly. Fixed in 3.11.0. Mitigation...
CVE-2026-44000
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the...
CVE-2026-44000 vm2: sandbox boundary bypass via host Promise resolution preserving host object identity
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the...
CVE-2026-44000
CVE-2026-44000 (vm2) : A sandbox boundary bypass in vm2 prior to version 3.11.0 allows host object identity to cross into the sandbox via host Promise resolution. When a host-side Promise resolves to a host object and is exposed to the sandbox, the value delivered to the sandbox .then() callback ...
CVE-2026-44000 vm2: sandbox boundary bypass via host Promise resolution preserving host object identity
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the...
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have security vulnerabilities; these vulnerabilities stem from sandbox boundary violations. During...
NPM: vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary
NPM: vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary vulnerability discovered by ? in WordPress Npm vm2 versions = 3.10.5...
vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary
Summary A sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the sandbox .then callback preserves host identity. This...
GHSA-MPF8-4HX2-7CJG vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary
Summary A sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the sandbox .then callback preserves host identity. This...
CVE-2026-3449
Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...
MiracleLinux 8 : firefox-128.10.1-1.el8_10.ML.1 (AXSA:2025-9963:16)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9963:16 advisory. firefox: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: Out-of-bounds access when optimizing linear sums CVE-2025-4919...
MiracleLinux 7 : firefox-128.10.1-1.0.1.el7.AXS7 (AXSA:2025-9965:17)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9965:17 advisory. firefox: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: Out-of-bounds access when optimizing linear sums CVE-2025-4919...
RLSA-2025:8125 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: Out-of-bounds access when optimizing linear sums CVE-2025-4919 For more details about...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.10.1 ESR. MFSA 2025-37 bsc1243303 CVE-2025-4918: Out-of-bounds access when resolving Promise objects CVE-2025-4919: Out-of-bounds access when optimizing linear sums Patch Instructions: To...
Chrome JSPromise::TriggerPromiseReactions Type Confusion
Chrome: Type confusion in JSPromise::TriggerPromiseReactions VULNERABILITY DETAILS ==1. TriggerPromiseReactions== https://cs.chromium.org/chromium/src/v8/src/objects.cc?rcl=d24c8dd69f1c7e89553ce101272aedefdb41110d&l=5975 Handle JSPromise::TriggerPromiseReactionsIsolate isolate, Handle reactions,...