This is the story of how I escaped the sandbox of the popular code execution system Judge0 by chaining multiple vulnerabilities. Utilising this chain, an attacker can escalate their privileges to root access on the host machine despite Judge0 being deployed inside a Docker container. These vulnerabilities were patched and were allocated CVE-2024-29021, CVE-2024-28185 and CVE-2024-28189.

Starting from an interest in understanding how code execution sandboxes can be implemented securely, my research took me into reviewing the source code of Judge0, which is the self-proclaimed “most advanced open-source online code execution system in the world”. Judge0 is used by software developers in the areas of programming interviews, competitive programming contests, and online code sandboxes.

In this deep dive I will cover a wide range of vulnerabilities, from server-side request forgery and path traversal to blacklist bypasses and command injection. The journey was not easy or straightforward, so I hope to guide you through my process as I ran into problems and overcame them. The end result is multiple full chain exploits going from unprivileged API access to unsandboxed code execution as root.