Unpatched vulnerabilities in Google App Engine

The Proof of Concept code for the unpatched Issues allows to gain access to the GAE Java environment only (it does not break the OS sandbox). Google App Engine Java VM is the first layer of defense and Google “considers the remaining, lower sandboxing layers sufficiently robust”

Read the security advisory here – http://seclists.org/fulldisclosure/2015/May/61

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top