Source |
The Hacker News |
Identifier |
8030544 |
Publication date |
2022-11-15 22:31:00 (seen: 2022-11-15 18:05:51) |
Title |
Critical RCE Flaw Reported in Spotify's Backstage Software Catalog and Developer Platform |
Text |
Spotify's Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by leveraging a recently disclosed bug in a third-party module.
The vulnerability (CVSS score: 9.8), at its core, takes advantage of a critical sandbox escape in vm2, a popular JavaScript sandbox library (CVE-2022-36067 aka Sandbreak), that came to light last |
Notes |
|
Sent |
Yes |
Tags |
Vulnerability
|
Stories |
|