web analytics

Critical RCE Flaw Reported in Spotify’s Backstage Software Catalog and Developer Platform

Rate this post

Spotify’s Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by leveraging a recently disclosed bug in a third-party module.
The vulnerability (CVSS score: 9.8), at its core, takes advantage of a critical sandbox escape in vm2, a popular JavaScript sandbox library (CVE-2022-36067 aka Sandbreak), that came to light lastLeer másThe Hacker News

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post