cve/2023/CVE-2023-32313.md

### [CVE-2023-32313](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32313)
![](https://img.shields.io/static/v1?label=Product&message=vm2&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%203.9.18%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen)

### Description

vm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm.

### POC

#### Reference
- https://gist.github.com/arkark/c1c57eaf3e0a649af1a70c2b93b17550
- https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v

#### Github
- https://github.com/jakabakos/vm2-sandbox-escape-exploits
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-32313](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32313)`
			`![](https://img.shields.io/static/v1?label=Product&message=vm2&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%203.9.18%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen)`

			`### Description`

			vm2 is a sandbox that can run untrusted code with Node's built-in modules. In versions 3.9.17 and lower of vm2 it was possible to get a read-write reference to the node `inspect` method and edit options for `console.log`. As a result a threat actor can edit options for the `console.log` command. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. Users unable to upgrade may make the `inspect` method readonly with `vm.readonly(inspect)` after creating a vm.

			`### POC`

			`#### Reference`
			`- https://gist.github.com/arkark/c1c57eaf3e0a649af1a70c2b93b17550`
			`- https://github.com/patriksimek/vm2/security/advisories/GHSA-p5gc-c584-jj6v`

			`#### Github`
Update CVE sources 2024-06-10 07:22 2024-06-10 07:22:43 +00:00			`- https://github.com/jakabakos/vm2-sandbox-escape-exploits`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00