2 matches found
CVE-2023-0629 Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
CVE-2023-0629
Summary: CVE-2023-0629 affects Docker Desktop prior to 4.17.0, where an unprivileged user can bypass Enhanced Container Isolation (ECI) by setting the Docker host to docker.raw.sock or npipe:////.pipe/docker_engine_linux (Windows) via -H/DOCKER_HOST, allowing containers to run with reduced harden...