Play-with-Docker is an open source free in-browser online playground designed to help developers learn how to use containers. CyberArk researchers say they were able to escape the container and run code remotely right on the host. The hack does not impact production Docker instances, according to CyberArk, researchers that developed the proof-of-concept attack. Play-in-browser platform was notified of the vulnerability on November 6, and developers promised a quick fix. The bug was patched on January 7, and CyberArk estimates there were as many as 200 instances of containers running on the platform.
Source: https://threatpost.com/hack-allows-escape-of-play-with-docker-containers/140831/