Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system.
The three flaws, all critical in nature, allow an « adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine, » Australian