Open bruceg opened 5 years ago
Is railcar vulnerable to this exploit? I tried using the docker-based exploit, but it requires the use of the "railcar exec" command, which is not yet implemented. Does that mean it is not possible to exploit it with railcar?
ref: https://nvd.nist.gov/vuln/detail/CVE-2019-5736
that does it mean indeed... OTOH.. it's pity that Vish stopped working on that :'( toy
Is railcar vulnerable to this exploit? I tried using the docker-based exploit, but it requires the use of the "railcar exec" command, which is not yet implemented. Does that mean it is not possible to exploit it with railcar?
ref: https://nvd.nist.gov/vuln/detail/CVE-2019-5736