Lucene search
K

6 matches found

Snyk
Snyk
added 2026/06/19 9:15 p.m.4 views

Arbitrary Code Injection

Overview @tinacms/cli is a package used to set up your project with Tina Cloud configuration, and run a local version of the Tina Cloud content-api. Affected versions of this package are vulnerable to Arbitrary Code Injection through the addVariablesToCode/makeFieldsWithInternalCode process in...

7.8CVSS6.1AI score0.0017EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/12 2:23 p.m.167 views

BayreuthWing

A transformer-based deep learning system for detecting securit...

10CVSS7.2AI score0.99999EPSS
Exploits351
NVD
NVD
added 2023/04/14 7:15 p.m.53 views

CVE-2023-29199

There exists a vulnerability in source code transformer exception sanitization logic of vm2 for versions up to 3.9.15, allowing attackers to bypass handleException and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor c...

10CVSS9.9AI score0.03852EPSS
Exploits1References5
Prion
Prion
added 2023/04/14 7:15 p.m.26 views

Remote code execution

There exists a vulnerability in source code transformer exception sanitization logic of vm2 for versions up to 3.9.15, allowing attackers to bypass handleException and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor c...

7.5CVSS9.7AI score0.03852EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2023/04/14 6:37 p.m.38 views

CVE-2023-29199 vm2 Sandbox escape vulnerability

There exists a vulnerability in source code transformer exception sanitization logic of vm2 for versions up to 3.9.15, allowing attackers to bypass handleException and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context. A threat actor c...

9.8CVSS10AI score0.03852EPSS
Exploits1References5
CVE
CVE
added 2023/04/14 6:37 p.m.471 views

CVE-2023-29199

The CVE-2023-29199 issue affects the vm2 Node.js module, specifically its source code transformer’s exception sanitization. Versions up to 3.9.15 are vulnerable to a sandbox bypass in handleException(), enabling leakage of unsanitized host exceptions and potential remote code execution in the hos...

10CVSS9.8AI score0.03852EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder