vm2 Sandbox Escape Vulnerability Leading to Remote Code Execution

Vulnerability

A vulnerability allowing sandbox escape and remote code execution has been identified in vm2 versions through 3.10.5. The issue arises because it is possible to access the BaseHandler.getPrototypeOf method, which can be exploited to retrieve arbitrary prototypes.

Impact

Exploitation of this vulnerability allows for sandbox escape, leading to remote code execution.

Reproduction

The vulnerability can be reproduced by creating an object that includes methods from the Buffer prototype, such as 'slice' and 'hexSlice'. This object can then be inspected using 'util.inspect', which reveals the 'getPrototypeOf' method. Once this method is accessed, it can be used to retrieve the prototype of the Buffer, including its symbols. These symbols can be leveraged to execute arbitrary code, such as running shell commands via the 'child_process' module.

Remediation

Users are advised to update to vm2 version 3.11.0 or later, where this vulnerability has been patched.

Added: May 13, 2026, 7:50 PM
Updated: May 13, 2026, 7:50 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 10.0
exploitability: 5.5
remediation: 7.7
relevance: 8.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.