跳转到帖子

recommended_posts

发布于
  • Members

Judge0 sandbox escape

Disclosed
03/04/2024
Created
11/21/2024

Description

Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.

Author(s)

  • Tanto Security
  • Takahiro Yokoyama

Platform

Linux

Development

  • Source Code
  • History
  • 查看数 699
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…