Critical Remote Code Execution Vulnerability Found in vm2 Sandbox Library
A critical vulnerability in vm2 may allow a remote attacker to escape the sandbox and execute arbitrary code on the host.
A highly popular JavaScript sandbox library with more than 16 million monthly downloads, vm2 supports the execution of untrusted code synchronously in a single process.
Read more: Critical Remote Code Execution Vulnerability Found in vm2 Sandbox Library
Story added 10. October 2022, content source with full text you can find at link above.