High severity7.5NVD Advisory· Published Oct 28, 2016· Updated May 6, 2026

CVE-2016-8867

Description

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.

Affected products

Docker/Docker
cpe:2.3:a:docker:docker:1.12.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/94228nvdThird Party AdvisoryVDB Entry
www.docker.com/docker-cve-databasenvdVendor Advisory
www.securitytracker.com/id/1037203nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000