Tag

Container Escape

All articles tagged with #container escape

technology4 months ago•2 min saved

Critical Docker Desktop Vulnerability Allows Container Escape and Host Compromise

Docker Desktop patched a critical security flaw (CVE-2025-9074) that allowed containers to break out and control the host system, especially on Windows where Docker runs via WSL2, by exposing an open Engine API on a TCP port. The vulnerability could let malicious containers access or modify host files, escalate privileges, and compromise system security. Users are advised to update to version 4.44.3 immediately to close the exposed API and prevent potential attacks.

via theregister.com|

#container-escape #cve-2025-9074 #docker-desktop

security4 months ago•2 min saved

Docker Desktop patch addresses critical security flaws enabling host compromise

Docker has released version 4.44.3 to fix a critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS that could allow attackers to escape containers and gain full host access, with a CVSS score of 9.3. The flaw stems from unauthenticated access to the Docker Engine API, enabling malicious containers to compromise the host system, especially on Windows, while Linux remains unaffected.

via The Hacker News|

#container-escape #cve-2025-9074 #docker