CVE-2024-28397

Published June 20th, 2024

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.

Marven11/CVE-2024-28397-js2py-Sandbox-Escape

CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction.

GitHub

29