Docker

Desktop

26 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 02.06.2026 21:09:03
  • Zuletzt bearbeitet 04.06.2026 15:21:14

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76....

Medienbericht
  • EPSS 0.22%
  • Veröffentlicht 22.05.2026 19:28:38
  • Zuletzt bearbeitet 01.06.2026 18:07:43

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the model_file configuration field in config.json. When a model's config.j...

  • EPSS 0.22%
  • Veröffentlicht 22.05.2026 19:24:15
  • Zuletzt bearbeitet 01.06.2026 18:08:14

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trust_remote_code=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.from_pretrained() to import and execute ar...

  • EPSS 0.21%
  • Veröffentlicht 22.05.2026 18:32:15
  • Zuletzt bearbeitet 29.05.2026 19:02:40

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. Howe...

  • EPSS 0.19%
  • Veröffentlicht 24.02.2026 10:16:03
  • Zuletzt bearbeitet 27.02.2026 17:56:12

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entri...

  • EPSS 0.19%
  • Veröffentlicht 09.12.2025 20:39:52
  • Zuletzt bearbeitet 30.01.2026 19:35:24

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred.

Medienbericht
  • EPSS 0.1%
  • Veröffentlicht 27.10.2025 13:53:40
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through mali...

  • EPSS 0.14%
  • Veröffentlicht 26.09.2025 21:15:34
  • Zuletzt bearbeitet 15.04.2026 00:35:42

In a hardened Docker environment, with Enhanced Container Isolation ( ECI https://docs.docker.com/enterprise/security/hardened-desktop/enhanced-container-isolation/ ) enabled, an administrator can utilize the command restrictions feature https://doc...

Medienbericht
  • EPSS 1.59%
  • Veröffentlicht 20.08.2025 13:28:35
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Containe...

  • EPSS 0.13%
  • Veröffentlicht 03.07.2025 10:15:37
  • Zuletzt bearbeitet 15.04.2026 00:35:42

System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc.  A malicious actor with read access to th...