Are any components of Horizon UAG (2111.2) affected by CVE-2023-29017?
Critical Vulnerability in vm2 JavaScript Sandbox Library: Exploit Code Available (socradar.io)
NVD - CVE-2023-29017 (nist.gov)
root@UAG [ ~ ]# find / -name "node.js"
/opt/vmware/gateway/lib/bsg/node_modules/express/node_modules/debug/node.js
There are no information published on the advisory board yet: Advisories (vmware.com)
Does anybody can provide more information, if UAG is safe?
Thanks and Regards!
Oliver
