GHSA-22rr-f3p8-5gf8

Опубликовано: 15 сент. 2023

Источник: github

Github: Прошло ревью

CVSS3: 7.6

Описание

Directus affected by VM2 sandbox escape vulnerability

Impact

In vm2 for versions up to 3.9.19, Promise handler sanitization can be bypassed, allowing attackers to escape the sandbox and run arbitrary code. Within Directus this applies to the "Run Script" operation in flows being able to escape the sandbox running code in the main nodejs context.

Patches

Patched in v10.6.0 by replacing vm2 with isolated-vm

Workarounds

None

References

https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5

Ссылки

https://github.com/directus/directus/security/advisories/GHSA-22rr-f3p8-5gf8
https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5
https://github.com/directus/directus/pull/19332
https://github.com/directus/directus/commit/284156426fa94f688e8d65a7a4f34f9e6705f058

Пакеты

Наименование

directus

npm

Затронутые версииВерсия исправления

< 10.6.0

10.6.0

7.6 High

CVSS3

7.6 High

CVSS3