CVE-2023-29017
Published 2023-04-06
Priority: P277 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 63.19% (99.1th percentile)
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jsreport | jsreport | >= 0 < 3.11.3 | 3.11.3 |
| patriksimek | vm2 | < 3.9.15 | 3.9.15 |
| vm2_project | vm2 | < 3.9.15 | 3.9.15 |
| vm2_project | vm2 | >= 0 < 3.9.15 | 3.9.15 |
Detection & IOCs
- CVE-2023-29017 exploits vm2's improper handling of host objects passed to `Error.prepareStackTrace` in case of unhandled async errors, enabling sandbox escape and RCE on the host.
- The vulnerability affects vm2 versions prior to 3.9.15; any environment running vm2 < 3.9.15 should be treated as vulnerable and monitored for exploitation attempts.
- The attack vector is remote and unauthenticated; monitor Node.js processes running vm2 for unexpected child process spawning or outbound connections that may indicate post-exploitation activity.
- Red Hat Advanced Cluster Management for Kubernetes 2 (rhacm2/console-rhel8) is a confirmed affected package; audit deployments of this product for vulnerable vm2 versions.
- No workarounds exist for CVE-2023-29017; the only remediation is upgrading vm2 to version 3.9.15 or later.
- The vulnerability is specific to the async error handling path: only code paths that trigger unhandled async errors in the vm2 sandbox are exploitable via this particular bug.
CVSS provenance
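| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| ghsa | | 9.8 | CRITICAL | |
| osv | | 9.8 | CRITICAL | |
| vendor_redhat | | 10.0 | CRITICAL | |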
OSV
jsreport vulnerable to code injection
osv·2023-05-08·CVSS 9.8
CVE-2023-2583 [CRITICAL] jsreport vulnerable to code injection
jsreport prior to 3.11.3 had a version of vm2 vulnerable to CVE-2023-29017 hard coded in the package.json of the jsreport-core component. An attacker can use this vulnerability to obtain the authority of the jsreport playground server, or construct a malicious webpage/html file and send it to the user to attack the installed jsreport client.
GHSA
jsreport vulnerable to code injection
ghsa·2023-05-08·CVSS 9.8
CVE-2023-2583 [CRITICAL] CWE-94 jsreport vulnerable to code injection
jsreport prior to 3.11.3 had a version of vm2 vulnerable to CVE-2023-29017 hard coded in the package.json of the jsreport-core component. An attacker can use this vulnerability to obtain the authority of the jsreport playground server, or construct a malicious webpage/html file and send it to the user to attack the installed jsreport client.
GHSA
vm2 vulnerable to sandbox escape
ghsa·2023-04-07
CVE-2023-29017 [CRITICAL] CWE-913 vm2 vulnerable to sandbox escape
vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors.
- vm2 version: ~3.9.14
- Node version: 18.15.0, 19.8.1, 17.9.1
### Impact
A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox.
### Patches
This vulnerability was patched in the release of version `3.9.15` of `vm2`.
### Workarounds
None.
OSV
vm2 vulnerable to sandbox escape
osv·2023-04-07
CVE-2023-29017 [CRITICAL] vm2 vulnerable to sandbox escape
vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors.
- vm2 version: ~3.9.14
- Node version: 18.15.0, 19.8.1, 17.9.1
### Impact
A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox.
### Patches
This vulnerability was patched in the release of version `3.9.15` of `vm2`.
### Workarounds
None.
Red Hat
vm2: sandbox escape
vendor_redhat·2023-04-06·CVSS 10.0
CVE-2023-29017 [CRITICAL] CWE-755 vm2: sandbox escape
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.
A flaw was found in vm2 where the component was not properly handling asynchronous errors. This flaw allows a remote, unauthenticated attacker to escape the restrictions of the sandbox and execute code on the host.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet t
No detection rules found.
No public exploits indexed.
Bleepingcomputer
Critical vm2 sandbox bug lets attackers execute code on hosts
blogs_bleepingcomputer·2026-05-06·CVSS 9.8
CVE-2026-26956 [CRITICAL] Critical vm2 sandbox bug lets attackers execute code on hosts
## Critical vm2 sandbox bug lets attackers execute code on hosts
## Bill Toulas
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system.
The security issue is tracked as CVE-2026-26956 and has been confirmed to impact vm2 version 3.10.4, although earlier releases may also be vulnerable. Proof-of-concept (PoC) exploit code has been published.
In the security advisory, the maintainer says that the issue only impacts environments with Node.js 25 (confirmed on Node.js 25.6.1) that have enabled WebAssembly exception handling and JSTag support.
vm2 is an open-source Node.js library used to run untrusted JavaScript code inside a restricted sandbox environment. It is commonly employed by online coding p
Bleepingcomputer
Critical sandbox escape flaw found in popular vm2 NodeJS library
blogs_bleepingcomputer·2026-01-27·CVSS 9.8
CVE-2026-22709 [CRITICAL] Critical sandbox escape flaw found in popular vm2 NodeJS library
## Critical sandbox escape flaw found in popular vm2 NodeJS library
## Bill Toulas
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
The open-source vm2 library creates a secure context to allow users to execute untrusted JavaScript code that does not have access to the filesystem.
vm2 has historically been seen in SaaS platforms that support user script execution, online code runners, chatbots, and open-source projects, being used in more than 200,000 projects on GitHub. The project was discontinued in 2023, though, due to repeated sandbox-escape vulnerabilities, and considered unsafe for running untrusted code.
Last October, maintainer Patrik Šimek d
Checkpoint
10th April – Threat Intelligence Report
blogs_checkpoint·2023-04-10
CVE-2023-28205 10th April – Threat Intelligence Report
## 10th April – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 10th April, please download our Threat_Intelligence Bulletin
TOP ATTACKS AND BREACHES
Taiwanese computing hardware giant MSI has suffered a ransomware attack by the recently-founded group Money Message. The group has demanded $4M in ransom, and claims to have stolen source code and databases as part of 1.5TB of information exfiltrated from the company.
Check Point Harmony Endpoint and Threat Emulation provide p
- https://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d
- https://github.com/patriksimek/vm2/commit/d534e5785f38307b70d3aac1945260a261a94d50
- https://github.com/patriksimek/vm2/issues/515
- https://github.com/patriksimek/vm2/security/advisories/GHSA-7jxr-cg7f-gpgv

Published: 2023-04-06