Access Bypass in Google App Engine Python SDK
CVE-2011-4213

Currently unrated

Key Information:

Vendor

Google
Status
App Engine Python Sdk
Vendor
CVE Published:
30 October 2011

What is CVE-2011-4213?

The Google App Engine Python SDK prior to version 1.5.4 contains a vulnerability in its sandbox environment. The insecure implementation allows local users to exploit the os module, enabling them to bypass intended access restrictions. This flaw can lead to the execution of arbitrary commands through a specially crafted file_blob_storage.os reference within the code parameter to _ah/admin/interactive/execute, highlighting a significant security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://code.google.com/p/googleappengine/wiki/SdkReleaseN...
x_refsource_MISC
http://blog.watchfire.com/files/googleappenginesdk.pdf
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/71062
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.