Advisories for Maven/De.tum.in.ase/Artemis-Java-Test-Sandbox package

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-98hq-4wmw-98w9. This link is maintained to preserve external references. Original Description Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-883x-6fch-6wjx. This link is maintained to preserve external references. Original Description Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-227w-wv4j-67h4. This link is maintained to preserve external references. Original Description Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

This advisory duplicates another.

Because of the missing checkLink(String) override in the SecurityManager, students can load libraries and execute arbitrary code.

This advisory duplicates another.

This affects all Artemis users who test Java assignments. Ares is not required. Students code that gets automatically tested can run arbitrary code in the container, or arbitrary code on the machine of an assessor in case of manual correction.

This allows an attacker to create special subclasses of InvocationTargetException that escape the exception sanitization because JUnit extracts the cause in a trusted context before the exception reaches Ares. This means that arbitrary student code can be executed in a trusted context, and that in turn allows disabling Ares and having full control over the system.

This advisory duplicates another.