2024-04-29 09:58:00 UTC

Multiple critical security flaws in the Judge0 open-source online code execution system have been revealed, posing a danger of complete system takeover. These vulnerabilities, if exploited, could allow an attacker to execute code on the target system and gain root permissions. The flaws enable a malicious actor with enough access to perform a sandbox escape and seize control of the host machine. Australian researchers were the first to highlight the severity of these vulnerabilities.