Here are the vulnerabilities i've found:
- my_vulnerabilities: The vulnerabilities i've found
| status | discovered | project | item |
|---|---|---|---|
| [DONE] | 2021-02-23 | bitnami/laravel | CVE-2021-21979: APP_KEY is fixed in docker image bitnami/laravel |
| [DONE] | 2021-04-20 | meshery | CVE-2021-31856: A Sql Injection in Meshery |
| [DONE] | 2021-04-30 | docker | CVE-2021-41089: docker cp allows unexpected chmod of host files |
| [DONE] | 2021-05-26 | kernel/cgroups | CVE-2022-0492 (co-author) |
| [DISCOVERED] | 2021-07-14 | runc | host infomation disclosure |
| [REPORTED] | 2021-08-24 | docker | docker *** dos |
| [DISCOVERED] | 2022-06-17 | runc | runc *** escape |
| [DONE] | 2022-07-29 | runc | CVE-2023-28642: AppArmor/SELinux bypass with symlinked /proc |
| [DISCOVERED] | 2022-08-04 | runc | runc host infomation disclosure |
| [DISCOVERED] | 2023-02-14 | docker | docker host arbitrary file write |
| [DISCOVERED] | 2023-03-02 | docker | docker host arbitrary file delete |
| [DONE] | 2023-03-10 | apport-cli | CVE-2023-1326 (co-author) |
| [DISCOVERED] | 2023-03-30 | runc | *** escape, any runtime |
| [DISCOVERED] | 2023-04-07 | runc | *** escape, containerd only |
| [DISCOVERED] | 2023-05-10 | kata | escape from ctr to guest vm |
| [DONE] | 2024-12-17 | nvidia-container-toolkit | CVE-2025-23359 |
Here are some of my repositories i want to introduce to you:
- container
- ctrsploit: A penetration toolkit for container environment
- docker_archive: Provide many versions of docker and docker's components
- registry_v2_client: A cli for registry v2
- docker_secret: An alternative of docker secret
- golang
- go_instrumentation: A generic instrumentation tool for golang
- awesome_libs
- lightweight_api
- lightweight_db
- codeql-go-vendor: A codeql extractor for go vendor mode project
- my poc/exp
- docker-cve-2022-39253-poc: docker host file read (using cve-2022-39253) poc
- security research
- security-research-specification
- source-analysis-system: Next Generation Source Analysis Report
- GHSA-NOTIFY: open source software security advisories based on GHSA
- ctf
- my_ctf_challenges: The ctf challenges i've designed
- waterdropctf
- reverse
- opdb: an opcode level debugger for python
- crypto
- yafu_docker: unofficial container image for yafu
- awd
- portable-git: portable git
- common security tools
- sectools
- go-shijack: tcp connection hijacker, go rewrite of shijack from 2001.
- other
- awesome_scripts: A collection of awesome scripts
- sshtunnel: A nice useful ssh tunnel
updated at 2023-04-23