Package: patriksimek/vm2
Affected versions: <= 3.11.0
Fixed version: 3.11.1
Severity: Critical
vm2 before 3.11.1 is vulnerable to sandbox escape / host OS command
execution when `NodeVM` is used with `nesting: true` and untrusted code.
In the vulnerable case, sandboxed code can `require('vm2')` regardless of
the outer VM's `require` restrictions, including `require: false`, then
create an inner `NodeVM` with attacker-chosen settings and execute
arbitrary OS commands on the host.
The 3.11.1 fix rejects `new NodeVM({ nesting: true, require: false })` at
construction time. The maintainer also notes that `nesting: true` remains
an escape hatch by design; untrusted code should not be run with
`nesting: true` enabled.
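As an added defensive example (not vm2 project code), the guard below refuses the `nesting: true` + `require: false` trap the way 3.11.1 does at construction time, refuses `nesting: true` for untrusted code per the maintainer's note, and flags installed versions at or below 3.11.0; the `trusted` flag and the caller-supplied `vm2Version` are assumptions for illustration.

```javascript
// Added example, not part of vm2. Pre-flight checks to run before `new NodeVM(...)`.
const FIXED_VM2_VERSION = '3.11.1';

// Parse "MAJOR.MINOR.PATCH" (optional leading "v"; any pre-release tag is ignored).
function parseSemver(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(version).trim());
  if (!m) throw new Error(`unparseable version: ${version}`);
  return m.slice(1, 4).map(Number);
}

// True when the installed vm2 is <= 3.11.0, i.e. lacks the construction-time rejection.
function isVulnerableVm2Version(version) {
  const have = parseSemver(version);
  const fixed = parseSemver(FIXED_VM2_VERSION);
  for (let i = 0; i < 3; i++) {
    if (have[i] !== fixed[i]) return have[i] < fixed[i];
  }
  return false; // exactly the fixed version
}

// Inspect NodeVM options before construction. `trusted` (assumed flag) states
// whether the code to be run comes from a trusted source. Returns { ok, problems }.
function checkNodeVMOptions(options, { trusted = false } = {}) {
  const problems = [];
  if (options.nesting === true) {
    // The exact combination 3.11.1 rejects: the sandbox can reach vm2 via
    // nesting even though require was meant to be disabled.
    if (options.require === false) problems.push('NESTING_WITH_REQUIRE_FALSE');
    // Maintainer guidance: nesting is an escape hatch by design, never for untrusted code.
    if (!trusted) problems.push('NESTING_WITH_UNTRUSTED_CODE');
  }
  return { ok: problems.length === 0, problems };
}

// Construct a NodeVM only after both guards pass. vm2 is required lazily so this
// file loads without it; `vm2Version` is expected to be read from vm2's
// package.json by the caller (assumed).
function createGuardedNodeVM(options, { trusted = false, vm2Version } = {}) {
  const { ok, problems } = checkNodeVMOptions(options, { trusted });
  if (!ok) throw new Error(`refusing NodeVM: ${problems.join(', ')}`);
  if (vm2Version !== undefined && isVulnerableVm2Version(vm2Version)) {
    throw new Error(`vm2 ${vm2Version} is affected; upgrade to ${FIXED_VM2_VERSION} or later`);
  }
  const { NodeVM } = require('vm2');
  return new NodeVM(options);
}
```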
References:
https://github.com/patriksimek/vm2/security/advisories/GHSA-8hg8-63c5-gwmx
https://github.com/patriksimek/vm2#5-nesting-true-is-an-escape-hatch
https://github.com/patriksimek/vm2/releases/tag/v3.11.1
https://github.com/patriksimek/vm2/blob/main/docs/ATTACKS.md#attack-category-25-nodevm-nesting-true--require-false-configuration-trap