Artemis Java Test Sandbox Libary Load Escape
Description
Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Artemis Java Test Sandbox before 1.11.2 allows sandbox escape via System.load or System.loadLibrary, enabling arbitrary code execution.
Vulnerability
The Artemis Java Test Sandbox (Ares) before version 1.11.2 fails to override the checkLink method in its custom SecurityManager. This omission allows untrusted code to call System.load or System.loadLibrary without restriction, thereby bypassing the sandbox [1][3]. The missing check means the security manager does not examine attempts to load native libraries, a critical oversight for a sandbox intended to prevent students from executing arbitrary code.
Exploitation
An attacker who can supply untrusted Java code to a victim (e.g., a student submitting code to a test environment) can call System.load("/path/to/malicious.so") or System.loadLibrary("malicious") within the sandbox [2][3]. No additional authentication or network position is required—the victim simply executes the provided code, triggering the library load. The attacker must have already placed a shared library on the file system, but in educational platforms this is often possible through file upload features.
Impact
Successful exploitation grants the attacker arbitrary code execution in the context of the Java test runner, completely escaping the sandbox [4]. This can lead to full compromise of the test environment, including access to hidden tests, modification of results, or lateral movement within the infrastructure.
Mitigation
The vulnerability is patched in version 1.11.2 of Artemis Java Test Sandbox [2][3]. Users should upgrade immediately. No workaround is available for earlier versions. The fix involves adding a checkLink override to the security manager to block unauthorized library loading.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
de.tum.in.ase:artemis-java-test-sandboxMaven | < 1.11.2 | 1.11.2 |
Affected products
2- Range: <1.11.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-98hq-4wmw-98w9ghsathird-party-advisoryADVISORY
- github.com/ls1intum/Ares/security/advisories/GHSA-98hq-4wmw-98w9ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2024-23681ghsaADVISORY
- vulncheck.com/advisories/vc-advisory-GHSA-98hq-4wmw-98w9ghsathird-party-advisoryWEB
News mentions
0No linked articles in our index yet.