Security Advisory

CVE-2024-23347

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-16 17:57:20

Last updated 2025-06-20 17:54:46

Assigner facebook

State PUBLISHED

Description

Prior to v176, when opening a new project Meta Spark Studio would execute scripts defined inside of a package.json file included as part of that project. Those scripts would have the ability to execute arbitrary code on the system as the application.

← Browse all CVEs View on cve.org ↗