5.0.2
7 years ago
7 days ago
Known vulnerabilities in the isolated-vm package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
isolated-vm is an Access to multiple isolates Affected versions of this package are vulnerable to Remote Code Execution (RCE) when untrusted v8 cached data is passed to the API through Note: This issue has been addressed by improving the documentation. ״CachedData contains compiled machine code. That means you should not accept How to fix Remote Code Execution (RCE)? Upgrade | <4.3.7 |
isolated-vm is an Access to multiple isolates Affected versions of this package are vulnerable to Privilege Escalation. Misuse of
Similar application-specific attacks could be possible by modifying the local prototype of other API objects. Access to How to fix Privilege Escalation? Upgrade | <4.0.0 |