Описание
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.
Уязвимые конфигурации
Конфигурация 1Версия до 2025-01-23 (включая)
cpe:2.3:a:google:application_integration:*:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00076
Низкий
10 Critical
CVSS3
Дефекты
CWE-829
CWE-829
Связанные уязвимости
CVSS3: 10
github
около 1 года назад
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.
EPSS
Процентиль: 23%
0.00076
Низкий
10 Critical
CVSS3
Дефекты
CWE-829
CWE-829