France Travail
Company Details
Linkedin ID:
francetravail
Employees number:
49,515
Number of followers:
1,297,317
NAICS:
92
Industry Type:
Homepage:
francetravail.fr
IP Addresses:
0
Company ID:
FRA_6314703
Scan Status:
In-progress
France Travail Company CyberSecurity Posture
francetravail.fr
France Travail est un acteur majeur du marché de l’emploi en France où il s’investit pour faciliter le retour à l’emploi des demandeurs d’emploi et offrir aux entreprises des réponses adaptées à leurs besoins de recrutement. Les 55 000 collaborateurs de France Travail œuvrent au quotidien pour être le trait d’union entre les demandeurs d’emploi et les entreprises. France Travail is a key player in the French employment market. Its role is to help the unemployed find work and support companies to fulfil their recruitment requirements. Day-to-day, France Travail's 55,000 staff provides that vital link between job seekers and companies.
France Travail A.I CyberSecurity Scoring
France Travail Risk Score (AI oriented)Between 700 and 749
France Travail
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
France Travail Global Score (TPRM)XXXX
France Travail
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
France Travail Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
France Travail
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: France Travail, the French employment agency, experienced a data breach affecting 340,000 users. Personal data, including names, addresses, phone numbers, and jobseeker statuses, were exposed. The breach was caused by an infostealer malware compromising a user account linked to a training organization. The agency assured that passwords and bank details were not affected but warned users about phishing risks. This is the second breach in two years for France Travail.
France Travail
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: France Travail suffered a cyberattack attributed to the Russian cybercriminal group Stormous, resulting in the theft of personal data from 31,000 job seekers. The attackers exploited infostealer malware installed on victims' personal computers to harvest login credentials, enabling unauthorized access to France Travail’s systems. Compromised data includes names, dates of birth, addresses, phone numbers, emails, passwords, ID cards, bank statements, tax notices, social security records, and professional histories (contracts, skills, training). While France Travail acknowledges the breach, it cannot confirm the full scope of exposed data or the exact number of affected individuals. The stolen information poses risks of phishing, identity theft, and financial fraud. This incident follows prior breaches in July 2025 (340,000 records) and March 2024 (43 million records), highlighting persistent vulnerabilities in the agency’s security posture. France Travail advises users to strengthen password security but has not mandated password resets.
France Travail Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for France Travail
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for France Travail in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for France Travail in 2026.
Incident Types France Travail vs Government Administration Industry Avg (This Year)
No incidents recorded for France Travail in 2026.
Incident History — France Travail (X = Date, Y = Severity)
France Travail cyber incidents detection timeline including parent company and subsidiaries
France Travail Company Subsidiaries
France Travail est un acteur majeur du marché de l’emploi en France où il s’investit pour faciliter le retour à l’emploi des demandeurs d’emploi et offrir aux entreprises des réponses adaptées à leurs besoins de recrutement. Les 55 000 collaborateurs de France Travail œuvrent au quotidien pour être le trait d’union entre les demandeurs d’emploi et les entreprises. France Travail is a key player in the French employment market. Its role is to help the unemployed find work and support companies to fulfil their recruitment requirements. Day-to-day, France Travail's 55,000 staff provides that vital link between job seekers and companies.
Loading...
France Travail Similar Companies
FDA
The Food and Drug Administration is an agency within the Department of Health and Human Services. The FDA is responsible for protecting the public health by ensuring the safety, efficacy, and security of human and veterinary drugs, biological products, and medical devices; and by ensuring the safet
USDA
The United States Department of Agriculture is the United States federal executive department responsible for developing and executing U.S. federal government policy on farming, agriculture, and food. It aims to meet the needs of farmers and ranchers, promote agricultural trade and production, work
Department of Health (Philippines)
The Philippine Department of Health (abbreviated as DOH; Filipino: Kagawaran ng Kalusugan) is the executive department of the Philippine government responsible for ensuring access to basic public health services by all Filipinos through the provision of quality health care and the regulation of all
State of California
Californians deserve a government that works for them and with them. One that will work to ensure opportunity and justice. We are building a California not for the few, but for all — including those who have historically been left out. We are doing the work to make our state a place for every Cali
Department for Education
Help us achieve world-class education, training and care for everyone, whatever their background. Whether you're just starting out, or an experienced professional, we have what you are looking for. Jobs include administration, policy advisers, digital, finance, commercial specialists and many more
Government of Alberta
Work with the Alberta government to build a stronger province for current and future generations. We offer diverse and rewarding employment opportunities in an environment that encourages continuous learning and career growth. We are one of the largest employers in Alberta with over 27,000 empl
Helsingin kaupunki – Helsingfors stad – City of Helsinki
#MeTeemmeHelsingin Helsingin kaupunki on Suomen suurin työnantaja, jonka palveluksessa on lähes 39 000 ammattilaista ja asiantuntijaa. Helsingin kaupunki tarjoaa henkilöstölle monipuolisia, mielenkiintoisia ja yhteiskunnallisesti merkittäviä työtehtäviä, hyvät mahdollisuudet kehittymiseen, ammatti
Ministère de l'Éducation nationale
Page officielle du ministère de l'Éducation nationale. Retrouvez toute l'information sur www.education.gouv.fr, twitter.com/education_gouv, facebook.com/education.gouv et dans nos lettres d'informations (bulletin hebdo et lettre education.gouv.fr). --------------------------------------------------
UK Home Office
At the Home Office, we help to ensure that the country is safe and secure. We’ve been looking after UK citizens since 1782. We are responsible for: - working on the problems caused by illegal drug use - shaping the alcohol strategy, policy and licensing conditions - keeping the United Kingdom safe
.png)
France Travail CyberSecurity News
December 23, 2025 08:00 AM
Wave of cyberattacks expose French failure to protect public digital systems
France's national postal service fell victim to a cyberattack December 22, disrupting parcel distribution days before Christmas.
December 15, 2025 08:00 AM
Data Breach: the Great Hemorrhage
France continues to break records in terms of data breaches. Companies, local authorities, public bodies — “They did not all die,...
December 11, 2025 08:00 AM
At France Travail, psychologists are on the front line in the face of the distress of job seekers.
In France Travail agencies, nearly a thousand psychologists try to support job seekers who are sometimes deeply vulnerable due to a...
November 19, 2025 08:00 AM
Data breach exposes info of over a million people at French agency
Up to 1.2 million individuals in France may have had their data exposed following a cybersecurity incident at Pajemploi, the country's...
October 31, 2025 07:00 AM
The former head of France Travail appointed interim CEO of…
The RATP is changing leadership. Following the departure of Jean Castex, who has been appointed head of the SNCF, Jean Bassères will serve...
September 26, 2025 07:00 AM
Top 5 Reasons to Attend Tech Show Paris 2025
Discover the Tech Show Paris 2025 Edition: a premier event for technology leaders in cloud, cybersecurity, and data solutions.
September 21, 2025 07:00 AM
The masquerade of data sales allegedly from ANTS
[ZATAZ News English version] – In mid-2025, a ZATAZ alert about a mass sale of civil registry records triggered seven months of...
August 26, 2025 07:00 AM
Cyberattack on French Retailer Auchan Exposes Thousands of Customers’ Data
French retail giant Auchan has announced it has fallen victim to another significant cyberattack, marking the second major data breach for...
August 04, 2025 07:00 AM
CompTIA Security+: The Leading Cybersecurity Certification in 2025
Pass the CompTIA Security+ certification in 2025: Format, price, prerequisites, careers, preparation tips. Kickstart your career in...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
France Travail CyberSecurity History Information
Official Website of France Travail
The official website of France Travail is https://www.francetravail.fr/accueil/.
France Travail’s AI-Generated Cybersecurity Score
According to Rankiteo, France Travail’s AI-generated cybersecurity score is 749, reflecting their Moderate security posture.
How many security badges does France Travail’ have ?
According to Rankiteo, France Travail currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has France Travail been affected by any supply chain cyber incidents ?
According to Rankiteo, France Travail has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does France Travail have SOC 2 Type 1 certification ?
According to Rankiteo, France Travail is not certified under SOC 2 Type 1.
Does France Travail have SOC 2 Type 2 certification ?
According to Rankiteo, France Travail does not hold a SOC 2 Type 2 certification.
Does France Travail comply with GDPR ?
According to Rankiteo, France Travail is not listed as GDPR compliant.
Does France Travail have PCI DSS certification ?
According to Rankiteo, France Travail does not currently maintain PCI DSS compliance.
Does France Travail comply with HIPAA ?
According to Rankiteo, France Travail is not compliant with HIPAA regulations.
Does France Travail have ISO 27001 certification ?
According to Rankiteo,France Travail is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of France Travail
France Travail operates primarily in the Government Administration industry.
Number of Employees at France Travail
France Travail employs approximately 49,515 people worldwide.
Subsidiaries Owned by France Travail
France Travail presently has no subsidiaries across any sectors.
France Travail’s LinkedIn Followers
France Travail’s official LinkedIn profile has approximately 1,297,317 followers.
NAICS Classification of France Travail
France Travail is classified under the NAICS code 92, which corresponds to Public Administration.
France Travail’s Presence on Crunchbase
No, France Travail does not have a profile on Crunchbase.
France Travail’s Presence on LinkedIn
Yes, France Travail maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/francetravail.
Cybersecurity Incidents Involving France Travail
As of January 21, 2026, Rankiteo reports that France Travail has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
France Travail has an estimated 11,873 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at France Travail ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Breach.
How does France Travail detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with services shut down, and remediation measures with strengthened security measures, accelerated rollout of 2fa, and recovery measures with services expected to be reactivated on july 24, and communication strategy with notified affected individuals, public statement, and and containment measures with enquête interne en cours, and remediation measures with rappel aux utilisateurs sur la robustesse des mots de passe, and communication strategy with confirmation publique de l'incident via tech & co..
Incident Details
Can you provide details on each incident ?
Title: France Travail Data Breach
Description: The French employment agency, France Travail, has suffered a data breach that could affect hundreds of thousands of jobseekers. The agency sent an email to its users on July 22, warning them of a data breach that was detected on July 13 on its 'employment' portal, which is used by its partners.
Date Detected: 2023-07-13
Date Publicly Disclosed: 2023-07-22
Type: Data Breach
Attack Vector: Infostealer Malware
Vulnerability Exploited: User account compromise
Title: Cyberattaque et vol de données chez France Travail affectant 31 000 demandeurs d'emploi
Description: France Travail a subi une cyberattaque revendiquée par le groupe Stormous, compromettant les données personnelles d'environ 31 000 demandeurs d'emploi. Les pirates affirment avoir accédé à des informations sensibles telles que les noms, adresses, numéros de téléphone, cartes d'identité, relevés bancaires, avis d'imposition et données professionnelles. L'attaque a été réalisée via des logiciels malveillants (infostealers) installés sur les ordinateurs personnels des victimes, permettant un accès légitime au système de France Travail.
Date Detected: 2025-10-29
Date Publicly Disclosed: 2025-10-29
Type: cyberattaque
Attack Vector: logiciels malveillants (infostealers)accès légitime via credentials volés
Vulnerability Exploited: faiblesse des mots de passe utilisateursmanque de protection des terminaux personnels
Threat Actor: Stormous (groupe cybercriminel d'origine russe)
Motivation: vol de donnéesrevente sur le dark webphishing futur
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through User account compromise via infostealer malware and ordinateurs personnels des demandeurs d'emploi (via infostealers).
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach FRA242072325
Data Compromised: Personal data of 340,000 users including names, postal and email addresses, phone numbers, France Travail identifiers, and jobseeker statuses
Systems Affected: KairosEmployment portal
Downtime: Services shut down on July 12, expected to be reactivated on July 24
Incident : cyberattaque FRA2692726102925
Systems Affected: système d'information de France Travail (accès via comptes utilisateurs compromis)
Operational Impact: enquête en cours
Brand Reputation Impact: risque élevé (récidive après incidents de 2024 et juillet 2025)
Identity Theft Risk: élevé (données sensibles exposées)
Payment Information Risk: élevé (relevés bancaires et avis d'imposition compromis)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, postal and email addresses, phone numbers, France Travail identifiers, jobseeker statuses, Noms D'Utilisateurs, Mots De Passe, Noms Complets, Dates De Naissance, Adresses, Numéros De Téléphone, Emails, Cartes D'Identité, Relevés D'Identité Bancaire, Avis D'Imposition, Attestations De Sécurité Sociale, Formations, Contrats De Travail, Compétences Professionnelles, Parcours Professionnels and .
Which entities were affected by each incident ?
Incident : Data Breach FRA242072325
Entity Name: France Travail
Entity Type: Employment Agency
Industry: Employment Services
Location: France
Customers Affected: 340000
Incident : cyberattaque FRA2692726102925
Entity Name: France Travail
Entity Type: agence gouvernementale
Industry: emploi et services publics
Location: France
Customers Affected: 31 000 (estimé)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach FRA242072325
Containment Measures: Services shut down
Remediation Measures: Strengthened security measures, accelerated rollout of 2FA
Recovery Measures: Services expected to be reactivated on July 24
Communication Strategy: Notified affected individuals, public statement
Incident : cyberattaque FRA2692726102925
Incident Response Plan Activated: True
Containment Measures: enquête interne en cours
Remediation Measures: rappel aux utilisateurs sur la robustesse des mots de passe
Communication Strategy: confirmation publique de l'incident via Tech & Co
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach FRA242072325
Type of Data Compromised: Names, postal and email addresses, phone numbers, France Travail identifiers, jobseeker statuses
Number of Records Exposed: 340000
Sensitivity of Data: Personal data
Incident : cyberattaque FRA2692726102925
Type of Data Compromised: Noms d'utilisateurs, Mots de passe, Noms complets, Dates de naissance, Adresses, Numéros de téléphone, Emails, Cartes d'identité, Relevés d'identité bancaire, Avis d'imposition, Attestations de sécurité sociale, Formations, Contrats de travail, Compétences professionnelles, Parcours professionnels
Number of Records Exposed: 31 000 (estimé, non confirmé)
Sensitivity of Data: très élevée (données personnelles et financières)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Strengthened security measures, accelerated rollout of 2FA, rappel aux utilisateurs sur la robustesse des mots de passe, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by services shut down, enquête interne en cours and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : cyberattaque FRA2692726102925
Data Exfiltration: True
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Services expected to be reactivated on July 24.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach FRA242072325
Legal Actions: Complaint filed with French authorities, notified CNIL
Regulatory Notifications: Notified CNIL
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Complaint filed with French authorities, notified CNIL.
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : cyberattaque FRA2692726102925
Recommendations: renforcement de la sensibilisation des utilisateurs aux infostealers, mise en place de solutions de détection des malwares sur les terminaux personnels, authentification multifacteur (MFA) obligatoire, surveillance proactive des credentials exposés sur le dark webrenforcement de la sensibilisation des utilisateurs aux infostealers, mise en place de solutions de détection des malwares sur les terminaux personnels, authentification multifacteur (MFA) obligatoire, surveillance proactive des credentials exposés sur le dark webrenforcement de la sensibilisation des utilisateurs aux infostealers, mise en place de solutions de détection des malwares sur les terminaux personnels, authentification multifacteur (MFA) obligatoire, surveillance proactive des credentials exposés sur le dark webrenforcement de la sensibilisation des utilisateurs aux infostealers, mise en place de solutions de détection des malwares sur les terminaux personnels, authentification multifacteur (MFA) obligatoire, surveillance proactive des credentials exposés sur le dark web
References
Where can I find more information about each incident ?
Incident : Data Breach FRA242072325
Source: Next
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Next, and Source: Tech & CoDate Accessed: 2025-10-29.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : cyberattaque FRA2692726102925
Investigation Status: en cours (équipes internes de France Travail)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notified affected individuals, public statement and Confirmation Publique De L'Incident Via Tech & Co.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach FRA242072325
Customer Advisories: Email notification to users, public statement
Incident : cyberattaque FRA2692726102925
Stakeholder Advisories: Vigilance Accrue Sur La Robustesse Des Mots De Passe.
Customer Advisories: risque de phishing accru ; surveillance des comptes bancaires recommandée
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Email notification to users, public statement, Vigilance Accrue Sur La Robustesse Des Mots De Passe, Risque De Phishing Accru ; Surveillance Des Comptes Bancaires Recommandée and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach FRA242072325
Entry Point: User account compromise via infostealer malware
Incident : cyberattaque FRA2692726102925
Entry Point: ordinateurs personnels des demandeurs d'emploi (via infostealers)
High Value Targets: Données Personnelles Et Professionnelles Des Demandeurs D'Emploi,
Data Sold on Dark Web: Données Personnelles Et Professionnelles Des Demandeurs D'Emploi,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach FRA242072325
Root Causes: User account compromise via infostealer malware
Corrective Actions: Strengthened security measures, accelerated rollout of 2FA
Incident : cyberattaque FRA2692726102925
Root Causes: Utilisation D'Infostealers Sur Les Terminaux Personnels, Réutilisation De Credentials Compromis, Manque De Contrôle Sur Les Appareils Personnels Accédant Au Système,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Strengthened security measures, accelerated rollout of 2FA.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Stormous (groupe cybercriminel d'origine russe).
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-07-13.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-10-29.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal data of 340,000 users including names, postal and email addresses, phone numbers, France Travail identifiers, and jobseeker statuses and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was KairosEmployment portal and système d'information de France Travail (accès via comptes utilisateurs compromis).
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Services shut down and enquête interne en cours.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal data of 340,000 users including names, postal and email addresses, phone numbers, France Travail identifiers and and jobseeker statuses.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 371.0.
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Complaint filed with French authorities, notified CNIL.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was renforcement de la sensibilisation des utilisateurs aux infostealers, surveillance proactive des credentials exposés sur le dark web, authentification multifacteur (MFA) obligatoire and mise en place de solutions de détection des malwares sur les terminaux personnels.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Tech & Co and Next.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is en cours (équipes internes de France Travail).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was vigilance accrue sur la robustesse des mots de passe, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Email notification to users, public statement and risque de phishing accru ; surveillance des comptes bancaires recommandée.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an ordinateurs personnels des demandeurs d'emploi (via infostealers) and User account compromise via infostealer malware.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was User account compromise via infostealer malware, utilisation d'infostealers sur les terminaux personnelsréutilisation de credentials compromismanque de contrôle sur les appareils personnels accédant au système.
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Strengthened security measures, accelerated rollout of 2FA.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=francetravail' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
