H1-2575105 — Vulnetix

H1-2575105 PUBLISHED CVSS 7.699999809265137 HIGH

Worker permission bypass via InternalWorker leak in diagnostics

Risk Scores

CVSS 3.1

7.699999809265137

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploit Intelligence

Worker permission bypass via InternalWorker leak in diagnostics (hackerone)
Worker permission bypass via InternalWorker leak in diagnostics (hackerone)
GenerationConfig.java (github-poc)
SelfAdaptationGenerationConfig.java (github-poc)

Timeline

Jan 21, 2025 CVE Published
Jan 21, 2025 PoC Published

References

Worker permission bypass via InternalWorker leak in diagnostics advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›