Did you know ... Search Documentation:
Security Vulnerability in Pengines
0 upvotes 0 0 downvotes
Picture of user Anne Ogborn.

This weekend Vladislav Zorov reported a vulnerability in pengine sandboxing.

This vulnerability allows any user who can create a pengine to execute unconstrained prolog code, including process_create.

The vulnerability can be triggered simply by loading pengines.

This vulnerability was patched with commit


We recommend all pengines users upgrade to this release or later.

Big thanks to Vladislav.

Back to fresh news items