Which scenario MOST likely represents a container escape attack?

Container escape is about breaking out of the isolated environment a container runs in and gaining access to the host or host resources. The scenario described matches this: exploiting a CVE in the container runtime to reach the host file system directly targets the boundary that keeps the container separate from the host. If a vulnerability in something like the runtime or the kernel allows code inside the container to execute on the host or view host files, that’s a true escape from the container’s sandbox. The other possibilities don’t represent escaping the container. Stealing credentials for a container image or registry is about gaining access to credentials rather than breaking container isolation. Misconfiguring Kubernetes RBAC to access a pod deals with authorization inside the cluster, not escaping to the host. Escalating privileges inside the container by abusing an API key stays within the container’s own execution context, not breaking out to the host.