#cve-2025-9074

[ follow ]
#docker-desktop
fromTheregister
1 week ago
Information security

Docker Desktop bug let containers hop the fence with ease

A critical Docker Desktop vulnerability allowed unauthenticated containers to access the Engine API, enabling host drive mounting and full administrator control on Windows via WSL2.
fromThe Hacker News
1 week ago
Information security

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

Critical Docker Desktop vulnerability (CVE-2025-9074) allowed containers unauthenticated access to Docker Engine API, enabling host compromise; fixed in version 4.44.3.
[ Load more ]