How severe is CVE-2025-0982?

CVE-2025-0982 has a CVSS v3 score of 10 (CRITICAL).

CVE-2025-0982

Name: application_integration
Author: google

10.0CRITICAL

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Ef

게시됨: 2/6/2025업데이트됨: 7/30/2025

설명

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.

AI 분석AI 기반

영향받는 제품

googleapplication_integration

참조

https://cloud.google.com/application-integration/docs/release-notes#January_23_2025
Release Notes