JavaScript Task Sandbox Escape in Google Cloud Application Integration
CVE-2025-0982
9.4CRITICAL
What is CVE-2025-0982?
A sandbox escape vulnerability has been identified in the JavaScript Task feature of Google Cloud Application Integration. This flaw allows malicious actors to execute arbitrary unsandboxed code through crafted JavaScript, utilizing the Rhino engine. As of January 24, 2025, Google Cloud Application Integration will cease support for the Rhino engine, mitigating this issue. No further action is required for users in this respect.
Affected Version(s)
Application Integration 0