CVE-2024-28185 | Judge0 up to 1.13.0 run_script symlink

Posted by Angelo Barbosa | Apr 18, 2024 | CVE

A vulnerability was found in Judge0 up to 1.13.0. It has been declared as very critical. Affected by this vulnerability is the function run_script. The manipulation leads to symlink following.

This vulnerability is known as CVE-2024-28185. The attack can be launched remotely. There is no exploit available.

CVE-2024-28185 | Judge0 up to 1.13.0 run_script symlink

Related Posts

CVE-2024-37457 | Ultimate Blocks Gutenberg Blocks Plugin up to 3.1.9 on WordPress cross site scripting

CVE-2024-2476 | OceanWP Plugin up to 3.5.4 on WordPress file inclusion

CVE-2022-48804 | Linux Kernel up to 5.16.9 vt_ioctl array_index_nospec integer underflow

CVE-2024-39307 | Kareadita Kavita up to 0.8.0 cross site scripting (GHSA-r4qc-3w52-2v84)