CVE-2024-23682
HIGHDescription
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ls1intum | artemis_java_test_sandbox |
References
Advisories & Patches
Exploits
Other References
Frequently Asked Questions
What is CVE-2024-23682? +
How severe is CVE-2024-23682? +
What products are affected by CVE-2024-23682? +
How do I check if I'm vulnerable to CVE-2024-23682? +
Related Vulnerabilities
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified …
Visual Studio Code Python Extension Remote Code Execution Vulnerability
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally.
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that …
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected are 12.2.3-12.2.14. …