1. Home
  2. Vulnerabilities
  3. CVE-2024-23682

CVE-2024-23682

CVSS v3.1 8.2 (High)
82% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Graph Web & Social Timeline

Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

Weaknesses
CWE-501
Trust Boundary Violation
CWE-653
Improper Isolation or Compartmentalization
CWE-NVD-noinfo
CVE Status
PUBLISHED
CNA
VulnCheck
Published Date
2024-01-19 21:15:10
(8 months ago)
Updated Date
2024-01-26 15:08:33
(7 months ago)

Affected Products

Ls1intum

Configuration #1

    CPE23 From Up To
  Ls1intum Artemis Java Test Sandbox prior 1.8.0 version cpe:2.3:a:ls1intum:artemis_java_test_sandbox < 1.8.0