2021-10-18 16:40:13
snyk
PUBLISHED
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine.