How severe is CVE-2025-0982?

CVE-2025-0982 has a CVSS v3 score of 10 (CRITICAL).

CVE-2025-0982

Name: application_integration
Author: google

10.0CRITICAL

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Ef

Publicado: 2/6/2025Actualizado: 7/30/2025

Descripción

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.

Análisis IAImpulsado por IA

Productos Afectados

googleapplication_integration

Referencias

https://cloud.google.com/application-integration/docs/release-notes#January_23_2025
Release Notes