Anthropic Sandbox Runtime Network Sandbox Bypass Vulnerability

Vulnerability

A vulnerability in Anthropic Sandbox Runtime versions prior to 0.0.16 allows sandboxed code to make network requests outside the intended restrictions. The flaw is in the sandboxing logic: an empty allowed-domains configuration, which is documented to block all network access, was instead interpreted as permitting all network access, so the policy failed open rather than closed. Any code running inside the sandbox that attempts a network request can trigger the issue; no special privileges or configuration beyond the empty allow-list are required. The problem has been addressed in version 0.0.16.

Impact

Exploitation of this vulnerability gives code running in the sandbox unrestricted outbound network access, contrary to the configured policy. The consequences are those of any unintended egress path: requests can reach hosts the operator meant to block, including services that the sandbox was deployed specifically to isolate the code from.

Reproduction

Configure a sandbox policy whose allowed-domains setting is an empty array, start the sandbox, and from inside it attempt a network request to any host that the policy does not list. On affected versions (before 0.0.16) the request succeeds, contrary to the documented behaviour that an empty array blocks all network access. The same steps serve as a regression check after upgrading: on 0.0.16 or later the request must be blocked.
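The following is an added example modelling the bug class this entry describes (an empty allow-list treated as "no restriction"); it is not the sandbox-runtime project's own source, and the policy shape with `allowedDomains` and `deniedDomains` fields, the `domainMatches` helper and the `isAllowed*` function names are assumptions for illustration. It shows the fail-open evaluator beside a default-deny one, plus a small regression check of the kind the reproduction above calls for.

```typescript
// Added illustrative model of the vulnerability: an empty allow-list is
// treated as "unconfigured, allow everything". Not sandbox-runtime's own
// code; the policy shape {allowedDomains, deniedDomains} is assumed.

interface NetworkPolicy {
  allowedDomains?: string[];
  deniedDomains?: string[];
}

// Exact match, or "*.example.com" matching example.com and any subdomain.
function domainMatches(host: string, pattern: string): boolean {
  const h = host.toLowerCase();
  const p = pattern.toLowerCase();
  if (p.slice(0, 2) === "*.") {
    const base = p.slice(2);
    return h === base || (h.length > base.length && h.slice(-(base.length + 1)) === "." + base);
  }
  return h === p;
}

function isDenied(host: string, policy: NetworkPolicy): boolean {
  return (policy.deniedDomains ?? []).some((d) => domainMatches(host, d));
}

// Fail-open evaluator. In JavaScript [] is truthy, so code commonly tests
// `.length` instead, and that conflates "no allow-list configured" with
// "allow-list configured as empty". Both fall through to `true`.
function isAllowedVulnerable(host: string, policy: NetworkPolicy): boolean {
  if (isDenied(host, policy)) return false;
  if (!policy.allowedDomains || policy.allowedDomains.length === 0) {
    return true; // BUG: empty allow-list => every host allowed
  }
  return policy.allowedDomains.some((d) => domainMatches(host, d));
}

// Default-deny evaluator. An absent or empty allow-list allows nothing.
// If "unrestricted" is a legitimate mode, express it with an explicit
// flag rather than by overloading emptiness.
function isAllowedFixed(host: string, policy: NetworkPolicy): boolean {
  if (isDenied(host, policy)) return false;
  return (policy.allowedDomains ?? []).some((d) => domainMatches(host, d));
}

// Regression check to keep in a test suite: an empty allow-list must block
// everything, and a populated one must allow only what it lists, with the
// deny-list taking precedence. Returns true only if the evaluator passes.
function emptyAllowListBlocks(
  evaluate: (h: string, p: NetworkPolicy) => boolean
): boolean {
  const empty: NetworkPolicy = { allowedDomains: [] };                 // constructed sample policy
  const scoped: NetworkPolicy = {                                      // constructed sample policy
    allowedDomains: ["*.example.com"],
    deniedDomains: ["evil.example.com"],
  };
  return (
    evaluate("example.org", empty) === false &&
    evaluate("api.example.com", scoped) === true &&
    evaluate("evil.example.com", scoped) === false &&
    evaluate("example.org", scoped) === false
  );
}

// emptyAllowListBlocks(isAllowedVulnerable) -> false
// emptyAllowListBlocks(isAllowedFixed)      -> true
```

Running `emptyAllowListBlocks` against both evaluators reproduces the entry's claim in miniature: the fail-open version lets `example.org` through on an empty allow-list, the default-deny version does not, and the two agree on every case where the allow-list is populated, which is why the bug is easy to miss in tests that only exercise non-empty policies.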

Remediation

Upgrade to Anthropic Sandbox Runtime version 0.0.16 or later. Check the installed version first, since any release before 0.0.16 (including pre-release builds of 0.0.16) is affected, and after upgrading re-run the reproduction above to confirm that an empty allowed-domains array now blocks requests.
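As an added example (not tooling from the project), here is a version gate for the remediation above. It assumes the runtime is installed as the npm package `@anthropic-ai/sandbox-runtime` and that the version string comes from `npm ls @anthropic-ai/sandbox-runtime` or the package's `package.json`; the function names are invented for illustration. The point it demonstrates is that the comparison has to be numeric per component (so `0.0.9` sorts before `0.0.16`) and that a pre-release such as `0.0.16-beta.1` is still before the fix.

```typescript
// Added example: decide whether an installed Anthropic Sandbox Runtime
// version is before the 0.0.16 fix. The package name
// @anthropic-ai/sandbox-runtime is assumed; feed the version reported by
// `npm ls @anthropic-ai/sandbox-runtime` to isVulnerableVersion().

const FIXED_VERSION = "0.0.16";

interface ParsedVersion {
  core: number[];      // [major, minor, patch]
  prerelease: boolean; // true for "0.0.16-beta.1" style versions
}

function parseVersion(v: string): ParsedVersion {
  const trimmed = v.trim().replace(/^v/, "");
  // Build metadata ("+sha") does not participate in ordering.
  const plusIdx = trimmed.indexOf("+");
  const noBuild = plusIdx >= 0 ? trimmed.slice(0, plusIdx) : trimmed;
  const dashIdx = noBuild.indexOf("-");
  const corePart = dashIdx >= 0 ? noBuild.slice(0, dashIdx) : noBuild;
  const core = corePart.split(".").map((n) => {
    if (!/^\d+$/.test(n)) throw new Error("not a semver version: " + v);
    return parseInt(n, 10); // numeric, so "16" > "9"
  });
  while (core.length < 3) core.push(0);
  return { core, prerelease: dashIdx >= 0 };
}

// Negative if a < b, 0 if equal, positive if a > b. A pre-release of X
// sorts before X itself, so 0.0.16-beta.1 < 0.0.16. Pre-release
// identifiers are not ordered among themselves here; only the boundary
// against the fixed release matters for this check.
function compareVersions(a: string, b: string): number {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa.core[i] !== pb.core[i]) return pa.core[i] - pb.core[i];
  }
  if (pa.prerelease === pb.prerelease) return 0;
  return pa.prerelease ? -1 : 1;
}

function isVulnerableVersion(installed: string): boolean {
  return compareVersions(installed, FIXED_VERSION) < 0;
}

// isVulnerableVersion("0.0.15")        -> true
// isVulnerableVersion("0.0.16-beta.1") -> true
// isVulnerableVersion("0.0.16")        -> false
```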

Added: Dec 4, 2025, 9:24 PM
Updated: Dec 4, 2025, 9:24 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.9
exploitability: 3.8
remediation: 7.7
relevance: 1.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.