GHSA-7cg8-pq9v-x98q: Sandbox Breakout in realms-shim

Severity: Critical

CVSS Score: 9.8

Versions of `realms-shim` prior to 1.2.1 are vulnerable to a Sandbox Breakout. The Realms evaluation function has an option to apply Babel-like transformations to the source code before it reaches the evaluator. One portion of this transform pipeline exposed a primal-Realm object to the rewriting function. Confined code which used the evaluator itself could provide a malicious rewriter function that captured this object, and use it to breach the sandbox.

## Recommendation

Upgrade to version 1.2.1 or later.