[ewindisch]

The breakout risk with both is with malicious images, not with malicious processes running in those images. Furthermore, the archive path-traversal issue is dangerous because it is exploitable by merely downloading images, even if they're not run.

Still, if you own all the container images that you're consuming or only use the official builds, the risk is minimal. Mind you that some users intentionally run containers with elevated privileges via the '--privileged' flag.

However, if you're running Docker 1.3.0 or older, you're also vulnerable to MITM attacks against the registry, potentially compromising images as they're downloaded. It's highly advised that everyone upgrade.

[preillyme]

Up to and including version 1.3.1, was vulnerable to extracting files to arbitrary paths on the host during ‘docker pull’ and ‘docker load’ operations. This was caused by symlink and hardlink traversals present in Docker's image extraction. This vulnerability could be leveraged to perform remote code execution and privilege escalation.