There have been quite a few exploits over the years, with the most recent public CVE 2 years ago [1].
Your specific setup uses `--net=host` and this opens you up to potential vulnerabilities (see [2]).
You also shouldn't forget that containers have unrestricted network access bu default anyway. Even if your device is safe, they may be able to infect other vulnerable devices on your network.
Your specific setup uses `--net=host` and this opens you up to potential vulnerabilities (see [2]).
You also shouldn't forget that containers have unrestricted network access bu default anyway. Even if your device is safe, they may be able to infect other vulnerable devices on your network.
[1]: https://docs.docker.com/security/security-announcements/#doc... [2]: https://github.com/0xn3va/cheat-sheets/blob/main/Container/E...