Docker Vulnerabilities Advisory

CERT-Bund Security Advisories

Published March 25th, 2026

Detected March 26th, 2026

Summary

CERT-Bund has issued an advisory regarding multiple vulnerabilities in Docker, with a CVSS base score of 8.8. The vulnerabilities allow local attackers to bypass security measures and disclose information. A patch is available.

View original document View source feed page

What changed

CERT-Bund has released Security Advisory WID-SEC-2026-0873 concerning multiple vulnerabilities in Docker versions prior to v29.3.1. These vulnerabilities, rated with a high CVSS base score of 8.8, can be exploited by local attackers to bypass security controls and expose sensitive information. The advisory applies to Docker installations on Linux, UNIX, and Windows operating systems.

Organizations utilizing Docker should immediately update to a patched version (v29.3.1 or later) to mitigate these risks. Failure to apply the update could lead to unauthorized information disclosure and security breaches. While this is a notice and not a rule, proactive patching is essential for maintaining system integrity and preventing exploitation.

What to do next

Update Docker to version v29.3.1 or later.
Review system configurations for unauthorized access attempts.

Source document (simplified)

[WID-SEC-2026-0873] docker: Mehrere Schwachstellen CVSS Base Score 8.8 (hoch) CVSS Temporal Score 7.7 (hoch) Remoteangriff nein Datum 25.03.2026 Stand 26.03.2026 Mitigation ja

Betroffene Systeme

Betriebssystem

Linux
Sonstiges
UNIX
Windows

Produktbeschreibung

Docker ist eine Open-Source-Software, die dazu verwendet werden kann, Anwendungen mithilfe von Betriebssystemvirtualisierung in Containern zu isolieren.

Produkte

25.03.2026
- Open Source docker <v29.3.1

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in docker ausnutzen, um Sicherheitsvorkehrungen zu umgehen und Informationen offenzulegen. CVE Informationen Versionshistorie Feedback zum Advisory geben