Docker公司修复了Windows和macOS版Docker Desktop应用程序中的一个高危漏洞（CVE-2025-9074，CVSS评分9.3），攻击者可能利用该漏洞突破容器隔离限制。

Docker Desktop 针对 Windows 和 macOS 版本的一个高危漏洞（CVE-2025-9074）已被修复。该漏洞允许恶意容器逃逸隔离环境，获取宿主计算机的管理员权限。这款广受开发者欢迎的应用程序被发现存在安全缺陷，攻击者可借此突破隔离容器限制，完全控制计算机系统。该漏洞在 CVSS 评分体系中获得 9.3 分（满分 10 分），影响 Windows 和 macOS 双平台版本。

A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become ...

A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active.

"A malicious container running on Docker Desktop could access the Docker Engine and launch additional containers without ...

But there are tools like docker-compose to automate this workflow, which are very powerful when running multiple containers/services.

Docker, a new container technology, is hotter than hot because it makes it possible to get far more apps running on the same old servers and it also makes it very easy to package and ship programs ...

Linkwarden is a no-nonsense Pocket alternative out there. It’s a powerful, self-hosted bookmark and web archiving solution. While your browser’s built-in bookmark manager is fine for a few dozen links ...

Docker patched CVE-2025-9074 (CVSS 9.3), a flaw enabling container escape via unauthenticated API, risking host takeover.

VMware announced at VMworld that it would be working with Docker, Google and Pivotal to bring Docker containers to VMware.