Security Advisory

CVE-2025-0982

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-06 11:37:57

Last updated 2025-02-12 19:51:10

Assigner Google

State PUBLISHED

Description

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.

← Browse all CVEs View on cve.org ↗