| SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts |
|
|
|
| So I Became A Node: Exploiting Bootstrap Tokens In Azure Kubernetes Service |
|
|
|
| Exploiting Kubernetes through Operator Injection |
|
|
|
| Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise |
|
|
|
| Istio outboundTrafficPolicy Egress Control Bypass |
|
|
|
| Absuing Amazon VPC CNI Plugin For Kubernetes |
|
|
|
| Executing Arbitrary Code & Executables in Read-Only FileSystems |
|
|
|
| Red team: Journey from RCE to have total control of cloud infrastructure |
|
|
|
| Container security: Infecting images to establish backdoors |
|
|
|
| #BrokenSesame: Accidental ‘write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services |
|
|
|
| Taking over “Google Cloud Shell” by utilizing capabilities and Kubelet |
|
|
|
| Kubernetes Privilege Escalation: Excessive Permissions in Popular Platforms |
|
|
|
| Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities |
|
|
|
| CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers |
|
|
|
| Exploring Container Security: A Storage Vulnerability Deep Dive |
|
|
|
| Metadata service MITM allows root privilege escalation (EKS / GKE) |
|
|
|
| runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465) |
|
|
|
writeups.xyz
/
Kubernetes