Security researchers have discovered a number of critical vulnerabilities in the Java environment of the Google App Engine that enables attackers to bypass critical security sandbox defenses.
GAE offers to run custom-built programs using a wide variety of popular languages and frameworks, out of which many are built on the Java environment. By exploiting the vulnerabilities, security researchers were able to bypass Google App Engine whitelisting of Java Runtime Environment Classes and gain access to full JRE. They discovered 22 full Java VM security sandbox escape issues and were able to exploit 17 of them successfully.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland