Vulnerability Details CVE-2025-0982
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript execution engine. No further fix actions are needed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.8%
CVSS Severity
CVSS v3 Score 10.0
Products affected by CVE-2025-0982
-
cpe:2.3:a:google:application_integration:*