Количество 2
Количество 2
CVE-2022-25893
около 3 лет назад
The package vm2 before 3.9.10 are vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. Exploiting this vulnerability leads to access to a host object and a sandbox compromise.
CVSS3: 9.8
EPSS: Низкий
GHSA-4w2j-2rg4-5mjw
около 3 лет назад
vm2 vulnerable to Arbitrary Code Execution
CVSS3: 9.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-25893 The package vm2 before 3.9.10 are vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the WeakMap.prototype.set method. Exploiting this vulnerability leads to access to a host object and a sandbox compromise. | CVSS3: 9.8 | 0% Низкий | около 3 лет назад |
| GHSA-4w2j-2rg4-5mjw vm2 vulnerable to Arbitrary Code Execution | CVSS3: 9.8 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу
20