17 matches found
CVE-2023-26919
delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process...
CVE-2023-26919
delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process...
CVE-2023-26919
delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process...
CVE-2023-26919
delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process...
PT-2023-20847 · Unknown · Delight Nashorn Sandbox
Name of the Vulnerable Software and Affected Versions: delight-nashorn-sandbox versions 0.2.4 through 0.2.5 Description: The issue allows for sandbox escape when allowExitFunctions is set to false. The loadWithNewGlobal function can be used to invoke the exit and quit methods, leading to the exit...
CVE-2023-26919
delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When allowExitFunctions is set to false, the loadWithNewGlobal function can be used to invoke the exit and quit methods to exit the Java process...
Delight Nashorn Sandbox 注入漏洞
Delight Nashorn Sandbox is a Java Delight open source sandbox for executing JavaScript in Java using Nashorn. A security vulnerability exists in Delight Nashorn Sandbox version 0.2.4, 0.2.5. An attacker exploiting this vulnerability can exit a Java process by calling the exit and quit methods usi...
Delight Nashorn Sandbox Denial of Service Vulnerability
Delight Nashorn Sandbox is a sandbox for executing JavaScript in Java using Nashorn from Java Delight A denial of service vulnerability exists in Delight Nashorn Sandbox version 0.2.0, which stems from a weak expression that can be exploited and can be used by an attacker to The vulnerability lea...
cn.easyutil:veteran-core (=1.0.1), cn.easyutil:veteran-web (=1.0.1) +14 more potentially affected by CVE-2021-40660 via org.javadelight:delight-nashorn-sandbox (>=0.1.16 <=0.2.5)
org.javadelight:delight-nashorn-sandbox MAVEN version =0.1.16, =1.2.22, =1.1-pre-alpha-19, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =3.2.0, =3.2.0, =1.0.6, =0.1.0, =0.1.2 and more Source cves: CVE-2021-406...
GHSA-38J3-6FM8-PFGC Regular expression denial of service in Delight Nashorn Sandbox
An issue was discovered in Delight Nashorn Sandbox. There is an ReDoS vulnerability that can be exploited to launching a denial of service DoS attack...
CVE-2021-40660
An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service DoS attack...
CVE-2021-40660
An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service DoS attack...
Code injection
An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service DoS attack...
CVE-2021-40660
The CVE-2021-40660 issue affects Delight Nashorn Sandbox 0.2.0. Several connected sources (CNVD/CNNVD, OSV, Red Hat, GHSA) describe a ReDoS-type vulnerability in the sandbox’s regular-expression handling that can be exploited to trigger a denial-of-service condition. The root cause is identified ...
CVE-2021-40660
An issue was discovered in Delight Nashorn Sandbox 0.2.0. There is an ReDoS vulnerability that can be exploited to launching a denial of service DoS attack...
Delight Nashorn Sandbox 安全漏洞
Delight Nashorn Sandbox is a sandbox for executing JavaScript in Java using Nashorn from Java Delight A denial of service vulnerability exists in Delight Nashorn Sandbox version 0.2.0, which stems from a weak expression that can be exploited and can be used by an attacker to The vulnerability lea...
PT-2022-11294 · Unknown · Delight Nashorn Sandbox
Name of the Vulnerable Software and Affected Versions: Delight Nashorn Sandbox version 0.2.0 Description: An issue was discovered in Delight Nashorn Sandbox, which has a ReDoS vulnerability that can be exploited to launch a denial of service DoS attack. Recommendations: For Delight Nashorn Sandbo...