https://www.theregister.co.uk/2019/11/21/docker_cp_flaw/

Miscreants can potentially hijack Docker users' computers by tricking them into running malicious containers and waiting for them to kick off a simple copy command – thanks to a critical flaw.

Bug hunters at Palo Alto Networks' Unit 42 say the vulnerability, designated CVE-2019-14271, is the most severe found in Docker since the disclosure of the runc hole in February.