CVE-2022-25182 – workflow-cps-global-lib: Sandbox bypass vulnerability
https://notcve.org/view.php?id=CVE-2022-25182
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already configured. Una vulnerabilidad de omisión de sandbox en Jenkins Pipeline: Shared Groovy Libraries Plugin versiones 552.vd9cc05b8a2e1 y anteriores, permite a atacantes con permiso Item/Configure ejecutar código arbitrario en la JVM del controlador Jenkins usando nombres de bibliotecas especialmente diseñados si ya se presenta una biblioteca global de Pipeline A flaw was found in Jenkins. • https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2422 https://access.redhat.com/security/cve/CVE-2022-25182 https://bugzilla.redhat.com/show_bug.cgi?id=2055798 • CWE-179: Incorrect Behavior Order: Early Validation •
CVE-2022-25181 – workflow-cps-global-lib: Sandbox bypass vulnerability
https://notcve.org/view.php?id=CVE-2022-25181
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists. Una vulnerabilidad de omisión de sandbox en Jenkins Pipeline: Shared Groovy Libraries Plugin versiones 552.vd9cc05b8a2e1 y anteriores, permite a atacantes con permiso Item/Configure ejecutar código arbitrario en el contexto de la JVM del controlador Jenkins mediante contenidos SCM diseñados especialmente, si ya se presenta una biblioteca global de Pipeline A flaw was found in Jenkins. • https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2441 https://access.redhat.com/security/cve/CVE-2022-25181 https://bugzilla.redhat.com/show_bug.cgi?id=2055797 • CWE-179: Incorrect Behavior Order: Early Validation •
CVE-2021-23555 – Sandbox Bypass
https://notcve.org/view.php?id=CVE-2021-23555
The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arbitrary code on the host machine. El paquete vm2 versiones anteriores a 3.9.6, es vulnerable a una Omisión de Sandbox por medio del acceso directo a los objetos de error del host generados por los internos del nodo durante la generación de un stacktrace, lo que puede conllevar a una ejecución de código arbitrario en la máquina del host A flaw was found in vm2, where the sandbox can be bypassed via direct access to host error objects generated by node internals during the generation of stack traces. • https://github.com/patriksimek/vm2/commit/532120d5cdec7da8225fc6242e154ebabc63fe4d https://snyk.io/vuln/SNYK-JS-VM2-2309905 https://access.redhat.com/security/cve/CVE-2021-23555 https://bugzilla.redhat.com/show_bug.cgi?id=2054114 • CWE-562: Return of Stack Variable Address •
CVE-2022-0290 – Chrome RenderFrameHostImpl Use-After-Free
https://notcve.org/view.php?id=CVE-2022-0290
Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en Site isolation en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto llevar a cabo un escape de sandbox por medio de una página HTML diseñada Chrome suffers from a state tracking issue in RenderFrameHostImpl that leads to a use-after-free vulnerability. • http://packetstormsecurity.com/files/166080/Chrome-RenderFrameHostImpl-Use-After-Free.html https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html https://crbug.com/1260134 • CWE-416: Use After Free •
CVE-2021-4098 – Chrome IPC::ChannelAssociatedGroupController Memory Corruption
https://notcve.org/view.php?id=CVE-2021-4098
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Una comprobación insuficiente de datos en Mojo en Google Chrome versiones anteriores a 96.0.4664.110, permitía a un atacante remoto que hubiera comprometido el proceso de renderización llevar a cabo potencialmente un escape de sandbox por medio de una página HTML diseñada Chrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse. • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html https://crbug.com/1263457 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •