Skip to content
View ssst0n3's full-sized avatar
🐳
container security researching
🐳
container security researching

Organizations

@De1ta-team @NBLCTF @waterdropctf @ctrsploit @go-instrumentation

Block or report ssst0n3

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
ssst0n3/README.md

Hey all. 👋 Container Security newb here.

Here are the vulnerabilities i've found:

status discovered project item
[DONE] 2021-02-23 bitnami/laravel CVE-2021-21979: APP_KEY is fixed in docker image bitnami/laravel
[DONE] 2021-04-20 meshery CVE-2021-31856: A Sql Injection in Meshery
[DONE] 2021-04-30 docker CVE-2021-41089: docker cp allows unexpected chmod of host files
[DONE] 2021-05-26 kernel/cgroups CVE-2022-0492 (co-author)
[DISCOVERED] 2021-07-14 runc host infomation disclosure
[REPORTED] 2021-08-24 docker docker *** dos
[DISCOVERED] 2022-06-17 runc runc *** escape
[DONE] 2022-07-29 runc CVE-2023-28642: AppArmor/SELinux bypass with symlinked /proc
[DISCOVERED] 2022-08-04 runc runc host infomation disclosure
[DISCOVERED] 2023-02-14 docker docker host arbitrary file write
[DISCOVERED] 2023-03-02 docker docker host arbitrary file delete
[DONE] 2023-03-10 apport-cli CVE-2023-1326 (co-author)
[DISCOVERED] 2023-03-30 runc *** escape, any runtime
[DISCOVERED] 2023-04-07 runc *** escape, containerd only
[DISCOVERED] 2023-05-10 kata escape from ctr to guest vm

Here are some of my repositories i want to introduce to you:

updated at 2023-04-23


Top Langs

Pinned Loading

  1. my_vulnerabilities my_vulnerabilities Public

    The vulnerabilities i've found

    1

  2. docker-cve-2022-39253-poc docker-cve-2022-39253-poc Public

    Shell 10 5

  3. security-research-specification security-research-specification Public

    4