Collections of container escape techniques.
This repository is only used to collect techniques of container escape. For more information & resources about container security and cloud native security, see Awesome Cloud Native Security :P
| Name | Type | Info | Status |
|---|---|---|---|
| CVE-2016-5195 | vuln/kernel | ||
| CVE-2020-14386 | vuln/kernel | ||
| CVE-2018-15664 | vuln/docker | ||
| CVE-2019-14271 | vuln/docker | ||
| CVE-2019-5736 | vuln/runc | ||
| CVE-2017-1002101 | vuln/k8s | ||
| CVE-2018-1002105 | vuln/k8s | ||
| CVE-2020-8558 | vuln/k8s | ||
| CVE-2020-15257 | vuln/containerd | ||
| CVE-2020-2023/2025/2026 | vuln/kata | ||
| CAP_DAC_READ_SEARCH | config | ||
| CAP_SYS_ADMIN | config | ||
| CAP_SYS_PTRACE | config | ||
| Privileged Container | config | ||
| Exposed Docker Remote API | config | ||
| Exposed K8s API Server | config | ||
| Exposed K8s Dashboard | config | ||
| Exposed Kubelet API Server | config | ||
| Mounted docker.sock | mount | ||
| Mounted Host /etc | mount | ||
| Mounted Host Procfs | mount |