OS2iot / OS2iot-backend

This repository contains the backend to the project OS2iot.
Mozilla Public License 2.0

Fix CVE-2023-30547 #212

Closed debricked[bot] closed 1 year ago

debricked[bot] commented 1 year ago

CVE-2023-30547

Vulnerability details

Description

NVD:

> vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception inside `handleException()` which can be used to escape the sandbox and run arbitrary code in host context. This vulnerability was patched in the release of version `3.9.17` of `vm2`. There are no known workarounds for this vulnerability. Users are advised to upgrade.

CVSS details - 10

| CVSS3 metrics | Value |
|:-|:-|
| Attack Vector | **Network** |
| Attack Complexity | **Low** |
| Privileges Required | **None** |
| User Interaction | **None** |
| Scope | **Changed** |
| Confidentiality | **High** |
| Integrity | **High** |
| Availability | **High** |

References

- [NVD - CVE-2023-30547](https://nvd.nist.gov/vuln/detail/CVE-2023-30547)
- [Ensure every catch block is protected · patriksimek/vm2@4b22e87 · GitHub](https://github.com/patriksimek/vm2/commit/4b22e87b102d97d45d112a0931dba1aef7eea049)
- [Handle host errors captured in Promises · patriksimek/vm2@f3db4de · GitHub](https://github.com/patriksimek/vm2/commit/f3db4dee4d76b19869df05ba7880d638a880edd5)
- [Sandbox Escape · Advisory · patriksimek/vm2 · GitHub](https://github.com/patriksimek/vm2/security/advisories/GHSA-ch3r-j5x3-6q2m)
- [Sandbox Escape in vm2@3.9.16 · GitHub](https://gist.github.com/leesh3288/381b230b04936dd4d74aaf90cc8bb244)


Related information

:pushpin: Remember! Check the changes to ensure they don't introduce any breaking changes.
:books: Read more about the CVE
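The advisory above gives a clean version boundary (affected up to 3.9.16, fixed in 3.9.17) and no workaround, so the practical check is whether any copy of `vm2` in the dependency tree, direct or transitive, is still below the fixed version. The following is an added example, not OS2iot or vm2 code, that scans a `package-lock.json` of lockfileVersion 2 or 3 (the `packages` map keyed by install path) for every `node_modules/vm2` entry and reports those below 3.9.17. It assumes the version strings are plain semver; the sample lockfile and the dependency name `some-plugin` are constructed for illustration.

```javascript
// Added example (not OS2iot or vm2 code): find vm2 installs affected by
// CVE-2023-30547 (versions <= 3.9.16; fixed in 3.9.17 per the advisory)
// in a package-lock.json of lockfileVersion 2 or 3.

const FIXED_VM2 = '3.9.17';

// Parse "MAJOR.MINOR.PATCH[-prerelease]" into comparable parts.
function parseSemver(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?/.exec(String(v).trim());
  if (!m) throw new Error(`not a semver version: ${v}`);
  return { major: +m[1], minor: +m[2], patch: +m[3], pre: m[4] || null };
}

// Numeric comparison per component (so 3.9.2 < 3.9.10, unlike a string
// compare). A prerelease sorts before the same release number, so 3.9.17-0
// is still treated as unfixed, which is the conservative choice.
function compareSemver(a, b) {
  const x = parseSemver(a), y = parseSemver(b);
  for (const k of ['major', 'minor', 'patch']) {
    if (x[k] !== y[k]) return x[k] - y[k];
  }
  if (x.pre === y.pre) return 0;
  if (x.pre === null) return 1;
  if (y.pre === null) return -1;
  return x.pre < y.pre ? -1 : 1;
}

function isVulnerableVm2(version) {
  return compareSemver(version, FIXED_VM2) < 0;
}

// Walk every "packages" entry whose install path ends in node_modules/vm2.
// Nested paths (node_modules/<dep>/node_modules/vm2) are the transitive
// copies that a top-level "npm ls vm2" style glance can miss.
function findVulnerableVm2(lock) {
  if (!lock || typeof lock.packages !== 'object') {
    throw new Error('expected lockfileVersion 2 or 3 with a "packages" map');
  }
  const hits = [];
  for (const [path, info] of Object.entries(lock.packages)) {
    const isVm2 = path === 'node_modules/vm2' || path.endsWith('/node_modules/vm2');
    if (isVm2 && info.version && isVulnerableVm2(info.version)) {
      hits.push({ path, version: info.version });
    }
  }
  return hits;
}

// Constructed sample lockfile (not from the OS2iot repository): the direct
// vm2 is already fixed, but a hypothetical dependency "some-plugin" still
// pins its own vulnerable copy.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-app', version: '1.0.0' },
    'node_modules/vm2': { version: '3.9.17' },
    'node_modules/some-plugin': { version: '2.0.0', dependencies: { vm2: '^3.9.0' } },
    'node_modules/some-plugin/node_modules/vm2': { version: '3.9.16' },
  },
};

const hits = findVulnerableVm2(SAMPLE_LOCK);
for (const h of hits) {
  console.log(`${h.path}@${h.version} is affected by CVE-2023-30547; upgrade to >= ${FIXED_VM2}`);
}
```

Running this against a real lockfile is a matter of replacing `SAMPLE_LOCK` with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))`. Because the advisory lists no workaround, the only remediation a hit allows is raising every reported copy to 3.9.17 or later, which for a nested copy means updating or overriding the dependency that pins it, not just the top-level `vm2` entry.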


ramogens commented 1 year ago

This patch was handled in #213, so I'm closing.