org.webjars.npm:vm2

Licenses: MIT

Published: 3 years ago Last updated: 2 years ago Latest version: 3.9.19

License

MIT[3.9.11,);

Known vulnerabilities in the org.webjars.npm:vm2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
C Arbitrary Code Injection	[0,)
C Improper Isolation or Compartmentalization	[0,)
H Symlink Attack	[0,)
M Improper Isolation or Compartmentalization	[0,)
M Improper Isolation or Compartmentalization	[0,)
M Information Exposure	[0,)
H Allocation of Resources Without Limits or Throttling	[0,)
C Arbitrary Code Injection	[3.9.19,)
C Arbitrary Code Injection	[0,)
C Uncaught Exception	[0,)
C Arbitrary Code Injection	[0,)
C Arbitrary Code Injection	[0,)
C Arbitrary Code Injection	[0,)
C Arbitrary Code Injection	[0,)
C Arbitrary Code Injection	[0,)
C Arbitrary Code Injection	[0,)
H Improper Control of Dynamically-Managed Code Resources	[0,)
C Remote Code Execution (RCE)	[0,)
C Remote Code Execution (RCE)	[0,)
C Sandbox Bypass	[,3.9.19)
M Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	[,3.9.19)
C Improper Handling of Exceptional Conditions	[,3.9.19)
C Sandbox Escape	[,3.9.19)
C Sandbox Escape	[,3.9.19)
C Sandbox Bypass	[,3.9.19)
C Sandbox Bypass	[,3.9.19)
C Sandbox Bypass	[,3.9.19)
H Sandbox Bypass	[,3.6.11)

2 VERSIONS IN TOTAL

version	published	direct vulnerabilities
3.9.19	3 Jul, 2023	13 C 3 H 3 M 0 L
3.9.11	13 Nov, 2022	19 C 3 H 4 M 0 L