US EditionDocker Desktop Bug Let Containers Hop the Fence with Ease
A critical CVE-2025-9074 vulnerability with a 9.3 severity rating enables malicious containers to hijack Windows and macOS hosts by exploiting Docker Engine API without authentication.
7 Articles
7 Articles
Critical Docker Desktop Vulnerability CVE-2025-9074 Allows Container Escape
In the fast-evolving world of containerization technology, a newly disclosed vulnerability in Docker Desktop has sent shockwaves through the developer and IT security communities, highlighting the persistent risks in tools designed to isolate applications. The flaw, tracked as CVE-2025-9074 with a critical severity score of 9.3 out of 10, enables attackers to escape container boundaries and compromise the underlying host system, particularly on …
Docker Desktop Flaw Exposes Windows and macOS Hosts to Container Escape
Docker has shipped an urgent patch for a critical vulnerability in Docker Desktop that allowed malicious containers to break out of their sandbox and gain unauthorized access to host systems. The flaw, tracked as CVE-2025-9074, carries a CVSS score of 9.3 out of 10 and has been fixed in version 4.44.3.At the heart of the bug was an overlooked internal API exposure. According to security researcher Felix Boulet, any container could connect to the…
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container. The vulnerability, tracked as CVE-2025-9074, carries a CVSS score of 9.3 out of 10.0. It has been addressed in version 4.44.3. "A malicious container running on Docker Desktop could access the
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
