CVE-2020-15257

bunnyshell_champion

MostAIagentsinproductionareexecutingLLM-generatedcodewithzeroisolation.Thisisinsane.

CVE-2020-15257：新たな脆弱性、containerd-shim API を悪用 #aqua /hashtag/コンテナ?src=hashtag_click /hashtag/セキュリティ?src=hashtag_click /hashtag/脆弱性?src=hashtag_click #containerd #CVE-2020-15257 -

A new vulnerability was found in #containerd, CVE-2020-15257. This vulnerability allows an attacker to gain root privileges on the host. Learn more on our #blog:

Proof of concept for CVE-2020-15257 in containerd

Technical Advisory: containerd – containerd-shim API Exposed to Host Network Containers (CVE-2020-15257) https://t.co/wXMa8pE251?amp=1

NEW: CVE-2020-15257 containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly ... (click for more) Severity: MEDIUM https://t.co/XKUCNo3oWQ?amp=1

NEW: CVE-2020-15257 containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly ... (click for more) Severity: MEDIUM https://t.co/XKUCNo3oWQ?amp=1

NEW: CVE-2020-15257 containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly ... (click for more) Severity: MEDIUM https://t.co/XKUCNo3oWQ?amp=1

/NCCGroupInfosec any word on the PoC for ABSTRACT SHIMMER (CVE-2020-15257)? "We will wait until January 11th, 2021 to publish the full exploit code."

New technical blog post: ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent Again. A follow up to our November 30 advisory with more details on the the vulnerability and our recommendations. https://t.co/2Mv5EJZRCA?amp=1