CVE-2025-4095

Vulnerability Description

Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would allow Docker Desktop users to pull down unapproved, and potentially malicious images from any registry.

Related Weaknesses (CWE)

CWE-862

References

https://docs.docker.com/security/for-admins/hardened-desktop/registry-access-man

FAQ

What is CVE-2025-4095?

CVE-2025-4095 is a documented vulnerability. Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce...

How severe is CVE-2025-4095?

CVSS scoring is not yet available for CVE-2025-4095. Check NVD for updates.

Is there a patch for CVE-2025-4095?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.