14 matches found
EUVD-2021-19572
Malware in sbrugna...
EUVD-2021-19573
Malware in sbrugna...
CVE-2021-32835
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a sandbox escape vulnerability may lead to post-authentication Remote Code execution. This vulnerability is known to exist in the latest commit at the time of writing this CVE...
CVE-2021-32834
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a user able to create Policy Sets can run arbitrary code by sending malicious Groovy scripts which will escape the configured Groovy sandbox. This vulnerability is known to exist...
CVE-2021-32835
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a sandbox escape vulnerability may lead to post-authentication Remote Code execution. This vulnerability is known to exist in the latest commit at the time of writing this CVE...
CVE-2021-32834
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a user able to create Policy Sets can run arbitrary code by sending malicious Groovy scripts which will escape the configured Groovy sandbox. This vulnerability is known to exist...
Design/Logic Flaw
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a user able to create Policy Sets can run arbitrary code by sending malicious Groovy scripts which will escape the configured Groovy sandbox. This vulnerability is known to exist...
Remote code execution
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a sandbox escape vulnerability may lead to post-authentication Remote Code execution. This vulnerability is known to exist in the latest commit at the time of writing this CVE...
CVE-2021-32835 Groovy Sandbox escape in Eclipse Keti
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a sandbox escape vulnerability may lead to post-authentication Remote Code execution. This vulnerability is known to exist in the latest commit at the time of writing this CVE...
CVE-2021-32835
CVE-2021-32835 affects Eclipse Keti, a service that enforces ABAC for REST APIs. The connected records identify a Groovy Sandbox escape vulnerability in Keti, which could allow post-authentication Remote Code Execution (RCE). The issue is linked to a commit (a1c8dbe) and is discussed in GHSL-2021...
CVE-2021-32834
CVE-2021-32834 affects Eclipse Keti, a REST API protection service using ABAC. The vulnerability arises when a user who can create Policy Sets can submit malicious Groovy scripts that escape the Groovy sandbox, enabling arbitrary code execution. Reported CVSS details exist across sources (e.g., N...
CVE-2021-32834 Arbitrary Groovy script evaluation in Eclipse Keti
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access Control ABAC. In Keti a user able to create Policy Sets can run arbitrary code by sending malicious Groovy scripts which will escape the configured Groovy sandbox. This vulnerability is known to exist...
Eclipse Keti 安全漏洞
Eclipse Keti is an Eclipse Foundation service that uses Attribute Based Access Control ABAC to protect restful APIs. A security vulnerability exists in Eclipse Keti that stems from a sandbox escape vulnerability in Keti. Exploitation of the vulnerability could lead to remote code execution after...
Eclipse Keti 代码注入漏洞
Eclipse Keti is an Eclipse Foundation service that uses Attribute-Based Access Control ABAC to protect restful APIs. A code injection vulnerability exists in Eclipse Keti, which originates in Keti, where a user who is able to create policy sets can run arbitrary code by sending malicious Groovy...