(CVE-2023-32006) Permissions policies can impersonate other modules in using module.constructor.createRequire()