CVE-2018-14364: How did I find a bug in Gitlab project import and got shell access
Brief
Recent Posts
What happens when I mount procfs from host to a Docker container, and why?
Docker has been a major component of my daily work since several years ago. It brings advantages on isolation, replication and scalability to our services. I...
Arbitrary data deserialization in Ruby
Deserializing untrusted data is usually dangerous and can lead to serious consequences like remote code execution. Remember not to deserialize user-input dat...