2 matches found
CVE-2021-32834
CVE-2021-32834 affects Eclipse Keti, a REST API protection service using ABAC. The vulnerability arises when a user who can create Policy Sets can submit malicious Groovy scripts that escape the Groovy sandbox, enabling arbitrary code execution. Reported CVSS details exist across sources (e.g., N...
CVE-2021-32835
CVE-2021-32835 affects Eclipse Keti, a service that enforces ABAC for REST APIs. The connected records identify a Groovy Sandbox escape vulnerability in Keti, which could allow post-authentication Remote Code Execution (RCE). The issue is linked to a commit (a1c8dbe) and is discussed in GHSL-2021...