VYPR
High severityNVD Advisory· Published Sep 13, 2022· Updated Sep 16, 2024

Improper Control of Dynamically-Managed Code Resources in Crafter Studio

CVE-2022-40635

Description

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.craftercms:craftercmsMaven
>= 3.1.0, < 3.1.233.1.23

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.