Lucene search
K

5 matches found

NVD
NVD
added 2025/06/27 3:15 p.m.8 views

CVE-2025-6705

A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized uploads of extensions. Specifically, the system’s build scripts were executed without proper isolation, potentially exposing a privileged token. This token enabled the publishing of new...

7.6CVSS0.00224EPSS
Exploits0References2
CVE
CVE
added 2025/06/27 2:57 p.m.33 views

CVE-2025-6705

The CVE-2025-6705 vulnerability affects the Eclipse Open VSX Registry, specifically its automated publishing system. The issue stems from build scripts executing without proper isolation, potentially exposing a privileged token that could be used to publish new extension versions under any namesp...

7.6CVSS6.5AI score0.00224EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/27 2:57 p.m.8 views

CVE-2025-6705

A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized uploads of extensions. Specifically, the system’s build scripts were executed without proper isolation, potentially exposing a privileged token. This token enabled the publishing of new...

7.6CVSS6.5AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/27 12:0 a.m.6 views

Eclipse Open VSX 安全漏洞

Eclipse Open VSX is an open source registry of code extensions for Eclipse Open Source. A security vulnerability exists in Eclipse Open VSX that stems from a lack of sandboxing restrictions for CI jobs, which could lead to a service account takeover...

7.6CVSS6.9AI score0.00224EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.6 views

PT-2025-27234 · Unknown · Open-Vsx.Org

Name of the Vulnerable Software and Affected Versions: open-vsx.org affected versions not specified Description: The issue allowed an attacker to run arbitrary build scripts for auto-published extensions due to missing sandboxing of CI job runs. An attacker with access to an existing extension...

7.6CVSS7AI score0.00224EPSS
Exploits0References8
Rows per page
Query Builder