Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover

April 30, 2024 at 01:33PM Three critical-severity vulnerabilities in the Judge0 open source service enable sandbox escapes and complete host machine takeovers. The flaws impact versions before 1.13.1 and can lead to code execution outside the sandbox, privilege escalation, and full system access. While version 1.13.1 addresses the issues, the potential for exploitation via other …

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

April 29, 2024 at 06:48AM Multiple critical security flaws were disclosed in the Judge0 open-source online code execution system, posing a risk of code execution on the target system. The flaws allow a sandbox escape and obtaining root permissions. The vulnerabilities, with CVE scores of 10.0 and 9.1, have been addressed in version 1.13.1 released …