8.2
CVE-2024-23683
- EPSS 0.36%
- Veröffentlicht 19.01.2024 21:15:10
- Zuletzt bearbeitet 28.11.2025 17:16:07
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
LoginArtemis Java Test Sandbox InvocationTargetException Subclass Escape
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ls1intum ≫ Artemis Java Test Sandbox Version < 1.7.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.272 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.2 | 1.5 | 6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.2 | 1.5 | 6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
|
CWE-653 Improper Isolation or Compartmentalization
The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.
https://github.com/advisories/GHSA-883x-6fch-6wjx
https://github.com/ls1intum/Ares/commit/af4f28a56e2fe600d8750b3b415352a0a3217392
https://github.com/ls1intum/Ares/issues/15#issuecomment-996449371
https://github.com/ls1intum/Ares/releases/tag/1.7.6
https://github.com/ls1intum/Ares/security/advisories/GHSA-883x-6fch-6wjx
https://vulncheck.com/advisories/vc-advisory-GHSA-883x-6fch-6wjx