UBUNTU-CVE-2026-33990

Source
https://ubuntu.com/security/CVE-2026-33990
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-33990.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-33990
Upstream
  • CVE-2026-33990
Published
2026-04-01T17:28:00Z
Modified
2026-05-20T16:25:32.529656282Z
Severity
  • 6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Ubuntu - medium
Summary
[none]
Details

Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's WWW-Authenticate header without validating the scheme, hostname, or IP range. A malicious OCI registry can set the realm to an internal URL (e.g., http://127.0.0.1:3000/), causing Model Runner running on the host to make arbitrary GET requests to internal services and reflect the full response body back to the caller. Additionally, the token exchange mechanism can relay data from internal services back to the attacker-controlled registry via the Authorization: Bearer header. This issue has been patched in version 1.1.25. For Docker Desktop users, enabling Enhanced Container Isolation (ECI) blocks container access to Model Runner, preventing exploitation. However, if the Docker Model Runner is exposed to localhost over TCP in specific configurations, the vulnerability is still exploitable.
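
The missing check described above, sketched as an added example (this is not Docker's patch or code from the advisory): parse the realm out of a Bearer challenge and refuse it unless its scheme and host pass validation. The names RealmFromChallenge and ValidateRealm and the https-only policy are assumptions made for illustration; the sample header is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
	"net/url"
	"regexp"
	"strings"
)

// paramRe matches key="value" parameters inside a WWW-Authenticate challenge.
var paramRe = regexp.MustCompile(`(\w+)="([^"]*)"`)

// RealmFromChallenge returns the realm parameter of a Bearer challenge (hypothetical helper).
func RealmFromChallenge(header string) (string, error) {
	if len(header) < 7 || !strings.EqualFold(header[:7], "Bearer ") {
		return "", errors.New("not a Bearer challenge")
	}
	for _, m := range paramRe.FindAllStringSubmatch(header[7:], -1) {
		if strings.EqualFold(m[1], "realm") {
			return m[2], nil
		}
	}
	return "", errors.New("challenge has no realm")
}

// ValidateRealm checks scheme, hostname and IP range before any token request is sent.
func ValidateRealm(realm string) error {
	u, err := url.Parse(realm)
	if err != nil || u.Scheme != "https" { // assumed policy: https only
		return fmt.Errorf("realm %q: https URL required", realm)
	}
	host := strings.ToLower(u.Hostname())
	if host == "" || host == "localhost" || strings.HasSuffix(host, ".localhost") {
		return fmt.Errorf("realm host %q not allowed", host)
	}
	if ip, err := netip.ParseAddr(host); err == nil {
		// Unmap so that ::ffff:10.0.0.5 is judged as the IPv4 address it carries.
		if ip = ip.Unmap(); ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() || ip.IsUnspecified() {
			return fmt.Errorf("realm address %s is internal", ip)
		}
	}
	return nil
}

func main() {
	// Constructed challenge carrying the internal realm quoted in the advisory text.
	realm, _ := RealmFromChallenge(`Bearer realm="http://127.0.0.1:3000/",service="registry"`)
	fmt.Println(realm, "->", ValidateRealm(realm))
}
```

A hostname that passes this check can still resolve to an internal address, so the same range test belongs on the resolved IP at connection time.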

Affected packages

Ubuntu:25.10
docker.io

Package

Name
docker.io
Purl
pkg:deb/ubuntu/docker.io?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

26.*
26.1.5+dfsg1-9ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-github-docker-docker-dev",
            "binary_version": "26.1.5+dfsg1-9ubuntu1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-33990.json"
docker.io-app

Package

Name
docker.io-app
Purl
pkg:deb/ubuntu/docker.io-app?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

27.*
27.5.1-0ubuntu3
27.5.1-0ubuntu4
28.*
28.2.2-0ubuntu1
29.*
29.1.3-0ubuntu3~25.10.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "docker.io",
            "binary_version": "29.1.3-0ubuntu3~25.10.1"
        }
    ]
}

Ubuntu:26.04:LTS
docker.io

Package

Name
docker.io
Purl
pkg:deb/ubuntu/docker.io?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

26.*
26.1.5+dfsg1-9ubuntu1
27.*
27.5.1+dfsg4-1ubuntu1
27.5.1+dfsg4-2ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-github-docker-docker-dev",
            "binary_version": "27.5.1+dfsg4-2ubuntu1"
        }
    ]
}

docker.io-app

Package

Name
docker.io-app
Purl
pkg:deb/ubuntu/docker.io-app?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

28.*
28.2.2-0ubuntu1
29.*
29.1.2-0ubuntu1
29.1.3-0ubuntu1
29.1.3-0ubuntu2
29.1.3-0ubuntu3
29.1.3-0ubuntu4
29.1.3-0ubuntu4.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "docker.io",
            "binary_version": "29.1.3-0ubuntu4.1"
        }
    ]
}

Ubuntu:Pro:16.04:LTS
docker.io

Package

Name
docker.io
Purl
pkg:deb/ubuntu/docker.io?arch=source&distro=esm-infra%2Fxenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1.*
1.6.2~dfsg1-1ubuntu4
1.10.2-0ubuntu3
1.10.2-0ubuntu4
1.10.3-0ubuntu1
1.10.3-0ubuntu4
1.10.3-0ubuntu5
1.10.3-0ubuntu6
1.11.2-0ubuntu5~16.04
1.12.1-0ubuntu13~16.04.1
1.12.3-0ubuntu4~16.04.2
1.12.6-0ubuntu1~16.04.1
1.13.1-0ubuntu1~16.04.2
17.*
17.03.2-0ubuntu2~16.04.1
18.*
18.06.1-0ubuntu1~16.04.2
18.06.1-0ubuntu1.2~16.04.1
18.09.2-0ubuntu1~16.04.1
18.09.5-0ubuntu1~16.04.2
18.09.7-0ubuntu1~16.04.1
18.09.7-0ubuntu1~16.04.4
18.09.7-0ubuntu1~16.04.5
18.09.7-0ubuntu1~16.04.6
18.09.7-0ubuntu1~16.04.7
18.09.7-0ubuntu1~16.04.9+esm1
18.09.7-0ubuntu1~16.04.9+esm2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "docker.io",
            "binary_version": "18.09.7-0ubuntu1~16.04.9+esm2"
        },
        {
            "binary_name": "golang-docker-dev",
            "binary_version": "18.09.7-0ubuntu1~16.04.9+esm2"
        },
        {
            "binary_name": "golang-github-docker-docker-dev",
            "binary_version": "18.09.7-0ubuntu1~16.04.9+esm2"
        },
        {
            "binary_name": "vim-syntax-docker",
            "binary_version": "18.09.7-0ubuntu1~16.04.9+esm2"
        }
    ]
}

Ubuntu:Pro:18.04:LTS
docker.io

Package

Name
docker.io
Purl
pkg:deb/ubuntu/docker.io?arch=source&distro=esm-apps%2Fbionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1.*
1.13.1-0ubuntu6
17.*
17.03.2-0ubuntu1
17.03.2-0ubuntu3
17.03.2-0ubuntu5
17.12.1-0ubuntu1
18.*
18.06.1-0ubuntu1~18.04.1
18.06.1-0ubuntu1.2~18.04.1
18.09.2-0ubuntu1~18.04.1
18.09.5-0ubuntu1~18.04.2
18.09.7-0ubuntu1~18.04.1
18.09.7-0ubuntu1~18.04.3
18.09.7-0ubuntu1~18.04.4
19.*
19.03.6-0ubuntu1~18.04.1
19.03.6-0ubuntu1~18.04.2
19.03.6-0ubuntu1~18.04.3
20.*
20.10.2-0ubuntu1~18.04.2
20.10.2-0ubuntu1~18.04.3
20.10.7-0ubuntu1~18.04.1
20.10.7-0ubuntu1~18.04.2
20.10.7-0ubuntu5~18.04.2
20.10.7-0ubuntu5~18.04.3
20.10.12-0ubuntu2~18.04.1
20.10.21-0ubuntu1~18.04.2
20.10.21-0ubuntu1~18.04.3
20.10.21-0ubuntu1~18.04.3+esm1
20.10.21-0ubuntu1~18.04.3+esm2
20.10.21-0ubuntu1~18.04.3+esm3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "docker.io",
            "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3"
        },
        {
            "binary_name": "golang-docker-dev",
            "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3"
        },
        {
            "binary_name": "golang-github-docker-docker-dev",
            "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3"
        },
        {
            "binary_name": "vim-syntax-docker",
            "binary_version": "20.10.21-0ubuntu1~18.04.3+esm3"
        }
    ]
}

Ubuntu:Pro:20.04:LTS
docker.io

Package

Name
docker.io
Purl
pkg:deb/ubuntu/docker.io?arch=source&distro=esm-apps%2Ffocal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

19.*
19.03.2-0ubuntu1
19.03.6-0ubuntu1
19.03.8-0ubuntu1
19.03.8-0ubuntu1.20.04
19.03.8-0ubuntu1.20.04.1
19.03.8-0ubuntu1.20.04.2
20.*
20.10.2-0ubuntu1~20.04.2
20.10.2-0ubuntu1~20.04.3
20.10.7-0ubuntu1~20.04.1
20.10.7-0ubuntu1~20.04.2
20.10.7-0ubuntu5~20.04.1
20.10.7-0ubuntu5~20.04.2
20.10.12-0ubuntu2~20.04.1
20.10.21-0ubuntu1~20.04.1
20.10.21-0ubuntu1~20.04.2
20.10.21-0ubuntu1~20.04.4
20.10.21-0ubuntu1~20.04.5
20.10.21-0ubuntu1~20.04.6
20.10.21-0ubuntu1~20.04.6+esm1
20.10.21-0ubuntu1~20.04.6+esm2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-docker-dev",
            "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2"
        },
        {
            "binary_name": "golang-github-docker-docker-dev",
            "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2"
        },
        {
            "binary_name": "vim-syntax-docker",
            "binary_version": "20.10.21-0ubuntu1~20.04.6+esm2"
        }
    ]
}

docker.io-app

Package

Name
docker.io-app
Purl
pkg:deb/ubuntu/docker.io-app?arch=source&distro=esm-apps%2Ffocal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

20.*
20.10.25-0ubuntu1~20.04.1
20.10.25-0ubuntu1~20.04.2
24.*
24.0.5-0ubuntu1~20.04.1
24.0.7-0ubuntu2~20.04.1
26.*
26.1.3-0ubuntu1~20.04.1
26.1.3-0ubuntu1~20.04.1+esm1
26.1.3-0ubuntu1~20.04.1+esm2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "docker.io",
            "binary_version": "26.1.3-0ubuntu1~20.04.1+esm2"
        }
    ]
}

Ubuntu:Pro:22.04:LTS
docker.io

Package

Name
docker.io
Purl
pkg:deb/ubuntu/docker.io?arch=source&distro=esm-apps%2Fjammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

20.*
20.10.7-0ubuntu5
20.10.7-0ubuntu7
20.10.12-0ubuntu1
20.10.12-0ubuntu2
20.10.12-0ubuntu3
20.10.12-0ubuntu3+gke1.24.1
20.10.12-0ubuntu4
20.10.21-0ubuntu1~22.04.2
20.10.21-0ubuntu1~22.04.3
20.10.21-0ubuntu1~22.04.5
20.10.21-0ubuntu1~22.04.6
20.10.21-0ubuntu1~22.04.7
20.10.21-0ubuntu1~22.04.7+esm1
20.10.21-0ubuntu1~22.04.7+esm2
20.10.21-0ubuntu1~22.04.8
20.10.21-0ubuntu1~22.04.8+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-docker-dev",
            "binary_version": "20.10.21-0ubuntu1~22.04.8+esm1"
        },
        {
            "binary_name": "golang-github-docker-docker-dev",
            "binary_version": "20.10.21-0ubuntu1~22.04.8+esm1"
        },
        {
            "binary_name": "vim-syntax-docker",
            "binary_version": "20.10.21-0ubuntu1~22.04.8+esm1"
        }
    ]
}

docker.io-app

Package

Name
docker.io-app
Purl
pkg:deb/ubuntu/docker.io-app?arch=source&distro=esm-apps%2Fjammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

20.*
20.10.25-0ubuntu1~22.04.1
20.10.25-0ubuntu1~22.04.2
24.*
24.0.5-0ubuntu1~22.04.1
24.0.7-0ubuntu2~22.04.1
26.*
26.1.3-0ubuntu1~22.04.1
26.1.3-0ubuntu1~22.04.1+esm1
27.*
27.5.1-0ubuntu3~22.04.1
27.5.1-0ubuntu3~22.04.2
28.*
28.2.2-0ubuntu1~22.04.1
29.*
29.1.3-0ubuntu3~22.04.1
29.1.3-0ubuntu3~22.04.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "docker.io",
            "binary_version": "29.1.3-0ubuntu3~22.04.2"
        }
    ]
}

Ubuntu:Pro:24.04:LTS
docker.io

Package

Name
docker.io
Purl
pkg:deb/ubuntu/docker.io?arch=source&distro=esm-apps%2Fnoble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

20.*
20.10.24+dfsg1-1ubuntu2
20.10.25+dfsg1-2ubuntu1
20.10.25+dfsg1-2ubuntu1+esm1
20.10.25+dfsg1-2ubuntu1+esm2
20.10.25+dfsg1-2ubuntu1.24.04.1
20.10.25+dfsg1-2ubuntu1.24.04.1+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-github-docker-docker-dev",
            "binary_version": "20.10.25+dfsg1-2ubuntu1.24.04.1+esm1"
        }
    ]
}

docker.io-app

Package

Name
docker.io-app
Purl
pkg:deb/ubuntu/docker.io-app?arch=source&distro=esm-apps%2Fnoble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

24.*
24.0.5-0ubuntu1
24.0.7-0ubuntu1
24.0.7-0ubuntu2
24.0.7-0ubuntu3
24.0.7-0ubuntu4
24.0.7-0ubuntu4.1
26.*
26.1.3-0ubuntu1~24.04.1
26.1.3-0ubuntu1~24.04.1+esm1
27.*
27.5.1-0ubuntu3~24.04.1
27.5.1-0ubuntu3~24.04.2
28.*
28.2.2-0ubuntu1~24.04.1
29.*
29.1.3-0ubuntu3~24.04.1
29.1.3-0ubuntu3~24.04.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "docker.io",
            "binary_version": "29.1.3-0ubuntu3~24.04.2"
        }
    ]
}
