Lucene search
+L

13 matches found

githubexploit
githubexploit
added 2024/06/04 10:1 a.m.681 views

Exploit for Injection in Vm2_Project Vm2

CVE-2023-30547 vm2 is a sandbox that can run untrusted code wi...

10CVSS9.6AI score0.72087EPSS
Exploits5
githubexploit
githubexploit
added 2024/02/14 1:5 p.m.663 views

Exploit for Injection in Vm2_Project Vm2

CVE-2023-30547 Vulnerability de...

10CVSS9.8AI score0.72087EPSS
Exploits5
githubexploit
githubexploit
added 2024/02/08 7:3 a.m.542 views

Exploit for Injection in Vm2_Project Vm2

CVE-2023-30547 This is a Proof-of-Concept to CVE-2023-30547 h...

10CVSS9.3AI score0.72087EPSS
Exploits5
ibm
ibm
added 2023/05/25 1:56 p.m.25 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands is vulnerable to arbitrary code execution due to [CVE-2023-30547]

Summary Node.js module vm2 is used by IBM App Connect Enterprise Certified Container in Designer flows by the Box connector. IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address...

10CVSS9.8AI score0.72087EPSS
Exploits5Affected Software1
openvas
openvas
added 2023/05/02 12:0 a.m.28 views

vm2 < 3.9.17 Sandbox Escape Vulnerability

vm2 is prone to a sandbox escape vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vm2project:vm2"; ifdescription...

10CVSS9.6AI score0.72087EPSS
Exploits5References2
redhat
redhat
added 2023/04/20 2:15 a.m.48 views

Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6 hotfix security update for console

Red Hat Advanced Cluster Management for Kubernetes hotfix security update for console Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.5AI score0.72087EPSS
Exploits8References4
redhat
redhat
added 2023/04/20 1:52 a.m.44 views

Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1 hotfix security update for console

Multicluster Engine for Kubernetes 2.1 hotfix security update for console Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

10CVSS7.5AI score0.72087EPSS
Exploits8References4
redhat
redhat
added 2023/04/20 1:50 a.m.61 views

Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0 hotfix security update for console

Red Hat Multicluster Engine Hotfix Security Update for Console Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

10CVSS7.5AI score0.72087EPSS
Exploits8References4
redhat
redhat
added 2023/04/19 11:49 p.m.45 views

Critical: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10CVSS7AI score0.72087EPSS
Exploits9References5
thn
thn
added 2023/04/19 4:53 a.m.98 views

Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution

A fresh round of patches has been made available for the vm2 JavaScript library to address two critical flaws that could be exploited to break out of sandbox protections and achieve code execution. Both the flaws – CVE-2023-29199 and CVE-2023-30547 – are rated 9.8 out of 10 on the CVSS scoring...

10CVSS10.2AI score0.72087EPSS
Exploits10
redhatcve
redhatcve
added 2023/04/18 7:33 a.m.96 views

CVE-2023-30547

A flaw was found in the vm2 sandbox. When exception handling is triggered, an unsanitized host is not managed properly. This issue may allow an attacker to bypass the sandbox protections, which can lead to remote code execution on the hypervisor host or the host that is running the sandbox...

9.8CVSS9.4AI score0.72087EPSS
Exploits5References4
cve
cve
added 2023/04/17 9:42 p.m.226 views

CVE-2023-30547

The connected IBM security bulletin confirms CVE-2023-30547 for vm2: a flaw in exception sanitization allows raising an unsanitized host exception inside handleException(), enabling sandbox escape and potential code execution in the host. Affected vm2 versions up to 3.9.16 are vulnerable; the iss...

10CVSS9.5AI score0.72087EPSS
Exploits5References4Affected Software1
osv
osv
added 2023/04/17 9:42 p.m.35 views

CVE-2023-30547 Sandbox Escape in vm2

vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception inside handleException which can be used to escape the sandbox...

9.8CVSS9.2AI score0.72087EPSS
Exploits5References6
Rows per page
Query Builder