This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: Judge0 CE (versions before 1.13.1) fails to validate **symbolic links** inside its sandbox. **Consequences**: Attackers bypass isolation, writing arbitrary files and executing code **outside** the sandbox…
**Root Cause**: **CWE-61** (Symbolic Link Following). The app performs no symlink safety checks: it trusts paths inside the sandbox without verifying whether they point elsewhere. Critical logic flaw in `isolate_job.rb`.
Q3 Who is affected? (Versions/Components)
**Affected**: **Judge0 CE** versions **before 1.13.1**, specifically the open-source online code execution system. Vendor: **judge0**. Check your version immediately!
Q4What can hackers do? (Privileges/Data)
π **Attacker Power**: Full **Remote Code Execution (RCE)**! π Can write arbitrary files anywhere on the host. π Can execute malicious code outside the sandbox. π **CVSS**: High (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
π΅οΈ **Public Exp?**: No specific PoC code listed in data. π But **GitHub Advisory** (GHSA-h9g2-45c8-89cf) confirms the flaw. π Source code links provided. Expect wild exploitation soon given low barrier!
Q7 How to self-check? (Features/Scanning)
**Self-Check**: 1. Check Judge0 version < 1.13.1. 2. Scan for exposed Judge0 CE instances. 3. Review `isolate_job.rb` logic if self-hosted. 4. Look for unexpected file writes outside sandbox.
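For self-check items 3 and 4, an added Ruby example (not Judge0's own code) of the kind of symlink validation that CWE-61 refers to: an audit that lists links resolving outside a sandbox directory, and a guard for host-side code before it opens a sandbox file. The helper names and the temporary directories are assumptions constructed for the demo.

```ruby
require "tmpdir"

# True when `real` is `root` itself or lies beneath it.
def within?(root, real)
  real == root || real.start_with?(root + File::SEPARATOR)
end

# Hypothetical audit helper: relative paths of symlinks under sandbox_dir
# whose targets resolve outside it (dangling or looping links count as unsafe).
def escaping_symlinks(sandbox_dir)
  root = File.realpath(sandbox_dir)
  Dir.glob("**/*", File::FNM_DOTMATCH, base: root).select do |rel|
    path = File.join(root, rel)
    next false unless File.symlink?(path)
    real = begin
      File.realpath(path)
    rescue SystemCallError
      nil
    end
    !(real && within?(root, real))
  end.sort
end

# Hypothetical guard for host-side code about to open a file that the
# sandboxed program could have replaced: returns the real path or raises.
def safe_sandbox_path(sandbox_dir, name)
  root = File.realpath(sandbox_dir)
  path = File.join(root, name)
  raise SecurityError, "#{name}: symlink refused" if File.symlink?(path)
  real = File.realpath(path) # also resolves symlinked parent directories
  raise SecurityError, "#{name}: resolves outside sandbox" unless within?(root, real)
  real
end

# Constructed demo: a sandbox holding one regular file and two links.
def demo
  Dir.mktmpdir("box") do |box|
    Dir.mktmpdir("host") do |host|
      File.write(File.join(host, "target.txt"), "host data")
      File.write(File.join(box, "stdout.txt"), "ok")
      File.symlink(File.join(box, "stdout.txt"), File.join(box, "alias"))
      File.symlink(File.join(host, "target.txt"), File.join(box, "out_link"))
      escaping_symlinks(box)
    end
  end
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

A check like this only holds once the sandboxed process can no longer modify the directory; if it can, a link can be swapped in between the check and the use.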