Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2023/05/02 12:0 a.m.25 views

vm2 < 3.9.16 Sandbox Escape Vulnerability

vm2 is prone to a sandbox escape vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vm2project:vm2"; ifdescription...

10CVSS9.6AI score0.03852EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/27 3:52 p.m.32 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and Integration Runtime operands that run Designer flows containing a Box node may be vulnerable to arbitrary code execution due to [CVE-2023-29199]

Summary Node.js module vm2 is used by IBM App Connect Enterprise Certified Container for communications with Box via the Box connector. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that run Designer flows containing a Box node may be vulnerable ...

10CVSS9.8AI score0.03852EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/04/20 2:15 a.m.48 views

Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6 hotfix security update for console

Red Hat Advanced Cluster Management for Kubernetes hotfix security update for console Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.5AI score0.72087EPSS
Exploits8References4
RedHat Linux
RedHat Linux
added 2023/04/20 1:52 a.m.44 views

Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1 hotfix security update for console

Multicluster Engine for Kubernetes 2.1 hotfix security update for console Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

10CVSS7.5AI score0.72087EPSS
Exploits8References4
RedHat Linux
RedHat Linux
added 2023/04/20 1:50 a.m.61 views

Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0 hotfix security update for console

Red Hat Multicluster Engine Hotfix Security Update for Console Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

10CVSS7.5AI score0.72087EPSS
Exploits8References4
RedHat Linux
RedHat Linux
added 2023/04/19 11:49 p.m.45 views

Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10CVSS7AI score0.72087EPSS
Exploits9References5
The Hacker News
The Hacker News
added 2023/04/19 4:53 a.m.98 views

Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution

A fresh round of patches has been made available for the vm2 JavaScript library to address two critical flaws that could be exploited to break out of sandbox protections and achieve code execution. Both the flaws – CVE-2023-29199 and CVE-2023-30547 – are rated 9.8 out of 10 on the CVSS scoring...

10CVSS10.2AI score0.72087EPSS
Exploits10
CVE
CVE
added 2023/04/14 6:37 p.m.473 views

CVE-2023-29199

The CVE-2023-29199 issue affects the vm2 Node.js module, specifically its source code transformer’s exception sanitization. Versions up to 3.9.15 are vulnerable to a sandbox bypass in handleException(), enabling leakage of unsanitized host exceptions and potential remote code execution in the hos...

10CVSS9.8AI score0.03852EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder