Lucene search
K

10 matches found

OSV
OSV
added 5 days ago7 views

ROOT-APP-NPM-CVE-2023-32314 CVE-2023-32314 in @rootio/vm2 - Patched by Root

Root has patched CVE-2023-32314 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

10CVSS5.4AI score0.05642EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 3:22 p.m.30 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands is vulnerable to arbitrary code execution due to [CVE-2023-32314]

Summary Node.js module vm2 is used by IBM App Connect Enterprise Certified Container in Designer flows by the Box connector. IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address...

10CVSS9.8AI score0.05642EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/30 9:0 p.m.50 views

Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.9 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.5.9 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which...

10CVSS7AI score0.05642EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/05/30 4:47 p.m.44 views

Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.9 security fixes and container updates

Multicluster Engine for Kubernetes 2.0.9 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

10CVSS7AI score0.05642EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/05/26 7:54 a.m.41 views

Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.6 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.6.6 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which...

10CVSS6.9AI score0.05642EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/05/24 6:2 p.m.36 views

Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.4 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.7.4 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which...

10CVSS7AI score0.05642EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/05/16 12:0 a.m.22 views

vm2 < 3.9.18 Multiple Vulnerabilities

vm2 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vm2project:vm2"; ifdescription...

10CVSS7.4AI score0.05642EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/05/15 7:46 p.m.12 views

CVE-2023-32314 Sandbox Escape

vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy. As a result a threat actor can bypass the sandbox...

9.8CVSS9.9AI score0.05642EPSS
Exploits1References4
CVE
CVE
added 2023/05/15 7:46 p.m.186 views

CVE-2023-32314

VM2 security summary (CVE family) VM2’s sandbox has multiple confirmed security issues affecting versions up to 3.9.19, including sandbox escapes and remote code execution. Notable entries in connected docs describe: (1) escape via host objects created under Proxy in vm2

10CVSS9.8AI score0.05642EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/05/15 7:46 p.m.40 views

CVE-2023-32314 Sandbox Escape

vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy. As a result a threat actor can bypass the sandbox...

9.8CVSS8.8AI score0.05642EPSS
Exploits1References6
Rows per page
Query Builder