CVE-2021-23594 – Sandbox Bypass
https://notcve.org/view.php?id=CVE-2021-23594
All versions of the realms-shim package are vulnerable to sandbox bypass via a prototype pollution attack vector. • https://snyk.io/vuln/SNYK-JS-REALMSSHIM-2309907 https://www.npmjs.com/package/realms-shim • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2022-21648 – Sandbox bypass in Latte templates
https://notcve.org/view.php?id=CVE-2022-21648
Since version 2.8.0, Latte has included a template sandbox, and in affected versions a sandbox escape has been found that allows injection into web pages generated from Latte. ... • https://github.com/nette/latte/commit/9e1b4f7d70f7a9c3fa6753ffa7d7e450a3d4abb0 https://github.com/nette/latte/security/advisories/GHSA-36m2-8rhx-f36j • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-44078
https://notcve.org/view.php?id=CVE-2021-44078
It allows local attackers to escape the sandbox. An attacker must first obtain the ability to execute crafted code in the target sandbox in order to exploit this vulnerability. ... An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code on the host machine. ... • https://gist.github.com/jwang-a/cb4b6e9551457aa299066076b836a2cd https://github.com/jwang-a/CTF/blob/master/MyChallenges/Pwn/Unicorns_Aisle/UnicornsAisle.pdf https://github.com/unicorn-engine/unicorn/commit/c733bbada356b0373fa8aa72c044574bb855fd24 https://github.com/unicorn-engine/unicorn/compare/2.0.0-rc4...2.0.0-rc5 https://www.unicorn-engine.org/changelog • CWE-697: Incorrect Comparison
CVE-2021-38013
https://notcve.org/view.php?id=CVE-2021-38013
Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html https://crbug.com/1242392 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744 https://www.debian.org/security/2022/dsa-5046 • CWE-787: Out-of-bounds Write
CVE-2021-23259 – Groovy Sandbox Bypass
https://notcve.org/view.php?id=CVE-2021-23259
Authenticated users with Administrator or Developer roles may execute OS commands through a Groovy script that uses the Groovy lib to render a webpage. The Groovy script has no security restrictions, which allows attackers to execute arbitrary commands remotely (RCE). • https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120102 • CWE-913: Improper Control of Dynamically-Managed Code Resources