A security researcher has found a significant flaw in Docker that can give attackers access to all the files within the host system. The vulnerability has been given the designation of CVE-2018-15664. As of now, there’s no fix for this particular vulnerability, and some proof-of-concept attacks have already been spotted. Security experts caution that companies using containers as part of their software development cycle should heed this warning because no patch is in place. In April, Docker was forced to notify users that a hacker briefly had access to sensitive data from its Docker Hub accounts.”]
Source: https://www.cuinfosecurity.com/researcher-describes-docker-vulnerability-a-12535