The patriksimek vm2 Node.js sandbox versions from 3.9.6 up to but not including 3.11.0 contain a prototype pollution vulnerability (CWE-1321). The vulnerability arises because the vm2 bridge exposes mutable proxies for real host-realm intrinsic prototypes and forwards sandbox writes into the host environment using otherReflectSet() and otherReflectDefineProperty(). This allows malicious JavaScript code running inside a default VM or inherited NodeVM to modify shared host prototypes such as Object.prototype, Array.prototype, and Function.prototype. This can lead to severe integrity and availability impacts on the host environment. The vulnerability is addressed in vm2 version 3.11.0.

An attacker can execute untrusted JavaScript code inside the vm2 sandbox and exploit this vulnerability to mutate global prototype objects in the host environment. This can lead to high-impact consequences including integrity violations and denial of service (availability impact). The CVSS v3.1 score is 10.0 (critical), reflecting network attack vector, no privileges required, no user interaction, and scope change with high impact on integrity and availability.

This vulnerability is fixed in vm2 version 3.11.0. Users should upgrade to version 3.11.0 or later to remediate this issue. Patch status is not explicitly stated beyond the fix in 3.11.0, so users should verify the upgrade and consult the official vm2 release notes for confirmation. No vendor advisory content is provided to indicate alternative mitigations or temporary fixes.