autolab — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting autolab. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Autolab is an open-source automated grading system primarily used in educational settings for managing programming assignments and coursework. Historically, Autolab has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS), privilege escalation flaws, and path traversal issues. These vulnerabilities often stem from improper input validation and insufficient access controls in its web interface. The system's 11 recorded CVEs highlight consistent security concerns, particularly around its file upload mechanisms and user permission handling. While no major public security incidents have been widely documented, the pattern of vulnerabilities suggests institutions using Autolab should implement strict input validation, regular patching, and proper sandboxing for code execution environments.

Top products by autolab: Autolab autolab/autolab

CVEs 11

CVE ID	Title	CVSS	Severity	Published
CVE-2024-53260	Course Roster vulnerable to CSV Injection in Autolab — AutolabCWE-1236	6.8	Medium	2024-11-27
CVE-2024-53258	download_all_submissions allows student to download another student's submissions in Autolab — AutolabCWE-359	6.5^AI	Medium^AI	2024-11-25
CVE-2024-52585	Autolab has HTML Injection Vulnerability — AutolabCWE-79	7.2^AI	High^AI	2024-11-18
CVE-2024-52584	Autolab has vulnerable submission endpoints — AutolabCWE-863	5.4^AI	Medium^AI	2024-11-18
CVE-2024-49376	Autolab Has Misconfigured Reset Password Permissions — AutolabCWE-287	8.8	-	2024-10-25
CVE-2023-44395	Autolab has Path Traversal vulnerability in Assessment functionality — AutolabCWE-22	4.9	Medium	2024-01-22
CVE-2023-32676	Autolab tar slip in Install Assessment functionality (`GHSL-2023-081`) — AutolabCWE-22	6.7	Medium	2023-05-26
CVE-2023-32317	Autolab tar slip in cheat checker functionality (`GHSL-2023-082`) — AutolabCWE-22	6.7	Medium	2023-05-26
CVE-2022-41956	Autolab is vulnerable to file disclosure via remote handin feature — AutolabCWE-22	6.5	Medium	2023-01-14
CVE-2022-41955	Autolab is vulnerable to remote code execution (RCE) via MOSS functionality — AutolabCWE-78	8.8	High	2023-01-14

This page lists every published CVE security advisory associated with autolab. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

autolab — Vulnerabilities & Security Advisories 11