Name of the Vulnerable Software and Affected Versions realms-shim versions prior to 1.2.1

Description The issue concerns a Sandbox Breakout in the Realms evaluation function, which has an option to apply transformations to the source code before evaluation. A part of this transformation pipeline exposed a primal-Realm object to the rewriting function, allowing confined code to capture this object using a malicious rewriter function and breach the sandbox.

Recommendations Upgrade to version 1.2.1 or later.