CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28154 – webpack JS package <= 5.75.0 - Sandbox Bypass
https://notcve.org/view.php?id=CVE-2023-28154
The JS package webpack is vulnerable to Sandbox Bypass in versions up to, and including, 5.75.0 due to mishandling magic comments. • https://github.com/webpack/webpack/compare/v5.75.0...v5.76.0 https://github.com/webpack/webpack/pull/16500 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AU7BOXTBK3KDYSWH67ASZ22TUIOZ3X5G https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PPSAXUTXBCCTAHTCX5BUR4YVP25XALQ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2AFCM6FFE3LRYI6KNEQWKMXMQOBZQ2D https://access.redhat.com/security/cve/CVE-2023&# • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2CVE-2023-26486 – Vega `scale` expression function cross site scripting
https://notcve.org/view.php?id=CVE-2023-26486
This can be exploited to escape the Vega expression sandbox in order to execute arbitrary JavaScript. • https://github.com/vega/vega/releases/tag/v5.23.0 https://github.com/vega/vega/security/advisories/GHSA-4vq7-882g-wcg4 https://github.dev/vega/vega/blob/72b9b3bbf912212e7879b6acaccc84aff969ef1c/packages/vega-functions/src/functions/scale.js#L36-L37 https://github.dev/vega/vega/blob/72b9b3bbf912212e7879b6acaccc84aff969ef1c/packages/vega-functions/src/scales.js#L6 https://vega.github.io/editor/#/url/vega/N4IgJAzgxgFgpgWwIYgFwhgF0wBwqgegIDc4BzJAOjIEtMYBXAI0poHsDp5kTykSArJQBWENgDsQAGhAATJJhSoA2qHFIEcNCAAaAZT0ACAApsAwtJDEkAGwZwIaZQEYAujMwAnJOIgAzNk8EJ1BMAE8cLXQAoIYbFBkkR3QNNgZ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25764
https://notcve.org/view.php?id=CVE-2023-25764
Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates. • http://www.openwall.com/lists/oss-security/2023/02/15/4 https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2934 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24422 – jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin
https://notcve.org/view.php?id=CVE-2023-24422
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. Una vulnerabilidad de omisión de la sandbox que involucra constructores de mapas en Jenkins Script Security Plugin 1228.vd93135a_2fb_25 y versiones anteriores permite a atacantes con permiso para definir y ejecutar scripts de sandbox, incluidos Pipelines, eludir la protección de sandbox y ejecutar código arbitrario en el contexto de la JVM del controlador Jenkins. ... In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. • https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016 https://access.redhat.com/security/cve/CVE-2023-24422 https://bugzilla.redhat.com/show_bug.cgi?id=2164278 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13768
https://notcve.org/view.php?id=CVE-2019-13768
Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html https://crbug.com/922677 • CWE-416: Use After Free •