module
Judge0 sandbox escape
| Disclosed |
|---|
| Mar 4, 2024 |
Disclosed
Mar 4, 2024
Description
Judge0 does not account for symlinks placed inside the sandbox directory,
which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.
which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.