Lucene search
GoogleOSV:CVE-2024-28397HistoryJun 20, 2024 - 5:15 p.m.
CVE-2024-28397
2024-06-2017:15:00
Google
osv.dev
2
js2py component
arbitrary code execution
api call
cve-2024-28397
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
7.5
Confidence
Low
EPSS
0.001
Percentile
22.7%
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
Related
nessus
nessus
openSUSE 15 Security Update : python-Js2Py (SUSE-SU-2024:2272-1)
2024-07-03 00:00:00
osv
osv
python310-Js2Py-0.74-3.1 on GA media
2024-07-01 00:00:00
Security update for python-Js2Py
2024-07-02 10:07:45
js2py allows remote code execution
2024-06-20 18:34:08
github
github
js2py allows remote code execution
2024-06-20 18:34:08
pyload-ng vulnerable to RCE with js2py sandbox escape
2024-09-09 18:17:20
cvelist
cvelist
CVE-2024-28397
2024-06-20 00:00:00
cve
cve
CVE-2024-28397
2024-06-20 17:15:50
nvd
nvd
CVE-2024-28397
2024-06-20 17:15:50
veracode
veracode
Remote Code Execution (RCE)
2024-06-21 07:01:58
githubexploit
githubexploit
Exploit for CVE-2024-28397
2024-06-19 01:46:33
Exploit for CVE-2024-28397
2024-06-21 04:43:21
ubuntucve
ubuntucve
CVE-2024-28397
2024-06-20 00:00:00
vulnrichment
vulnrichment
CVE-2024-28397
2024-06-20 00:00:00
mageia
mageia
Updated python-js2py packages fix security vulnerability
2024-07-05 19:28:37
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0256)
2024-07-08 00:00:00
openSUSE: Security Advisory for python (SUSE-SU-2024:2272-1)
2024-07-10 00:00:00
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
7.5
Confidence
Low
EPSS
0.001
Percentile
22.7%
Related for OSV:CVE-2024-28397