Collections of container escape techniques.
This repository is only used to collect techniques of container escape. For more information & resources about container security and cloud native security, see Awesome Cloud Native Security :P
Name | Type | Info | Status |
---|---|---|---|
CVE-2016-5195 | vuln/kernel | ||
CVE-2020-14386 | vuln/kernel | ||
CVE-2018-15664 | vuln/docker | ||
CVE-2019-14271 | vuln/docker | ||
CVE-2019-5736 | vuln/runc | ||
CVE-2017-1002101 | vuln/k8s | ||
CVE-2018-1002105 | vuln/k8s | ||
CVE-2020-8558 | vuln/k8s | ||
CVE-2020-15257 | vuln/containerd | ||
CVE-2020-2023/2025/2026 | vuln/kata | ||
CAP_DAC_READ_SEARCH | config | ||
CAP_SYS_ADMIN | config | ||
CAP_SYS_PTRACE | config | ||
Privileged Container | config | ||
Exposed Docker Remote API | config | ||
Exposed K8s API Server | config | ||
Exposed K8s Dashboard | config | ||
Exposed Kubelet API Server | config | ||
Mounted docker.sock | mount | ||
Mounted Host /etc | mount | ||
Mounted Host Procfs | mount |