Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vm2
(Vm2_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-10-18 | CVE-2021-23449 | This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine. | Vm2 | 10.0 | ||
| 2022-02-11 | CVE-2021-23555 | The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arbitrary code on the host machine. | Vm2 | 9.8 |