Artemis Java Test Sandbox Security Vulnerability

Artemis Java Test Sandbox is a JUnit 5 extension for easy and secure Artemis Java testing. A security vulnerability exists in Artemis Java Test Sandbox versions prior to 1.7.6. An attacker can exploit this vulnerability to execute arbitrary Java...

Arbitrary code execution in de.tum.in.ase:artemis-java-test-sandbox

Summary Because of the missing checkLinkString override in the SecurityManager, students can load libraries and execute arbitrary code. Details Using System.loadString or System.loadLibrary​String students can load and execute arbitrary code. java private static native void startList args; public...

PT-2023-32946 · Unknown · Artemis Java Test Sandbox

Name of the Vulnerable Software and Affected Versions: Artemis Java Test Sandbox versions prior to 1.11.2 Description: The issue allows an attacker to escape the sandbox by loading untrusted libraries using System.load or System.loadLibrary. This can lead to arbitrary Java code execution when a...

PT-2022-28163 · Apache · Maven Enforcer Plugin

Name of the Vulnerable Software and Affected Versions: Artemis Java Test Sandbox versions prior to 1.8.0 Description: The issue allows an attacker to escape the sandbox by including class files in a package that Ares trusts, enabling the execution of arbitrary Java code when a victim runs the...