{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-18T19:19:57.828","vulnerabilities":[{"cve":{"id":"CVE-2025-4095","sourceIdentifier":"security@docker.com","published":"2025-04-29T18:15:46.180","lastModified":"2026-06-17T09:32:29.633","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would allow Docker Desktop users to pull down unapproved, and potentially malicious images from any registry."},{"lang":"es","value":"Registry Access Management (RAM) es una función de seguridad que permite a los administradores restringir el acceso de sus desarrolladores únicamente a los registros permitidos. Cuando se utiliza un perfil de configuración de macOS para forzar el inicio de sesión de la organización, no se aplican las políticas de RAM, lo que permitiría a los usuarios de Docker Desktop descargar imágenes no autorizadas y potencialmente maliciosas de cualquier registro."}],"affected":[{"source":"security@docker.com","affectedData":[{"vendor":"Docker","product":"Docker Desktop","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"4.36.0","lessThan":"4.41.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@docker.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T17:59:56.533245Z","id":"CVE-2025-4095","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@docker.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://docs.docker.com/security/for-admins/hardened-desktop/registry-access-management","source":"security@docker.com"}]}}]}