8 matches found
CVE-2025-13426
A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute...
EUVD-2025-201493
A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute...
CVE-2025-13426
A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute...
CVE-2025-13426 Improper Sandboxing in Google Apigee's JavaCallout Policy Allows for Remote Code Execution
A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute...
CVE-2025-13426
CVE-2025-13426 affects Google Apigee’s JavaCallout policy. A crafted JavaCallout could inject a malicious object into the MessageContext to execute arbitrary Java code and system commands at runtime, enabling unauthorized data access and lateral movement. Public disclosures in the initial documen...
CVE-2025-13426 Improper Sandboxing in Google Apigee's JavaCallout Policy Allows for Remote Code Execution
A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute...
Google Apigee hybrid Javacallout policy 安全漏洞
Google Apigee hybrid Javacallout policy is a next-generation API management platform from Google, Inc USA. A security vulnerability exists in Google Apigee hybrid Javacallout policy that stems from a JavaCallout policy that allows the injection of malicious objects, which could lead to remote cod...
PT-2025-49315
Name of the Vulnerable Software and Affected Versions Google Apigee versions prior to Hybrid 1.11.2 Google Apigee versions prior to Hybrid 1.12.4 Google Apigee versions prior to Hybrid 1.13.3 Google Apigee versions prior to Hybrid 1.14.1 Google Apigee versions prior to OPDK 5202 Google Apigee...