CVE-2021-23555

Summary

The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arbitrary code on the host machine.

Affected Software

VendorProductVersion RangeStatus
n/avm2unspecified < 3.9.6affected

Weaknesses

  • Sandbox Bypass

ADP Enrichment

CVE Program Container

Additional References

References