Vulnerabilities > CVE-2024-23682 - Unspecified vulnerability in Ls1Intum Artemis Java Test Sandbox
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
Vulnerable Configurations
References
- https://github.com/advisories/GHSA-227w-wv4j-67h4
- https://github.com/advisories/GHSA-227w-wv4j-67h4
- https://github.com/ls1intum/Ares/issues/15
- https://github.com/ls1intum/Ares/issues/15
- https://github.com/ls1intum/Ares/releases/tag/1.8.0
- https://github.com/ls1intum/Ares/releases/tag/1.8.0
- https://github.com/ls1intum/Ares/security/advisories/GHSA-227w-wv4j-67h4
- https://github.com/ls1intum/Ares/security/advisories/GHSA-227w-wv4j-67h4
- https://vulncheck.com/advisories/vc-advisory-GHSA-227w-wv4j-67h4
- https://vulncheck.com/advisories/vc-advisory-GHSA-227w-wv4j-67h4