cloud-security

Container Escape

Definition

A container escape is an attack where a process breaks out of container isolation and gains access to the host operating system or other containers. Container escapes typically exploit privileged container configurations, kernel vulnerabilities, or mount path traversal to access host resources.

Prevention requires running containers with dropped Linux capabilities, non-root users, read-only filesystems, restricted seccomp profiles, and keeping container runtimes and host kernels patched.

Related Terms

Pod Security

Pod Security Standards

Runtime Security

Sandboxing

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product