13 matches found
CVE-2025-3224
Docker Desktop for Windows versions prior to 4.41.0 are affected by an Elevation of Privilege during the update process. The updater runs with high privileges and attempts to delete files under C:\ProgramData\Docker\config, a path that often does not exist and where normal users can create direct...
CVE-2020-10665
CVE-2020-10665 affects Docker Desktop on Windows: local privilege escalation to NT AUTHORITY\SYSTEM due to mishandling of diagnostics collection with Administrator privileges, enabling arbitrary DACL overwrites and file writes. Affected products include Docker Desktop Enterprise before 2.1.0.9, D...
CVE-2022-37326
Docker Desktop for Windows before 4.6.0 is affected. The flaw resides in the dockerBackendV2 WindowsContainersStart API, where the pidfile field inside the DaemonJSON WindowsContainerStartRequest can be controlled to delete or create arbitrary files. This can indirectly enable privilege escalatio...
CVE-2023-1802
CVE-2023-1802 affects Docker Desktop 4.17.x where the Artifactory Integration falls back to sending registry credentials over plain HTTP when the HTTPS health check fails. This can allow a targeted network sniffing attack to disclose sensitive information. Affected users are those who have enable...
CVE-2024-6222
Docker Desktop prior to v4.29.0 is affected: a container breakout can escape to the host via extension- and dashboard-related IPC messages. Vulnerability details show the issue exists in Docker Desktop with Hyper-V backend on macOS, Linux, and Windows. Remediation per the sources includes fixing ...
CVE-2022-31647
Docker Desktop for Windows is affected by CVE-2022-31647 in the hyperv/destroy dockerBackendV2 API, where a symlink in the DataFolder parameter can be abused to delete arbitrary files. The issue is tied to Docker Desktop prior to 4.6.0; the vulnerability’s activity is described as a local attack ...
CVE-2024-5652
CVE-2024-5652 affects Docker Desktop on Windows prior to 4.31.0. The issue arises in the exec-path Docker daemon config option used in Windows containers mode, where lack of validation of a user-supplied path (and related access control weaknesses) enables a local user in the docker-users group t...
CVE-2024-8695
Summary: CVE-2024-8695 affects Docker Desktop before 4.34.2, with a remote code execution (RCE) flaw exploitable via crafted extension descriptions or changelogs. The vulnerability is triggered when a malicious extension uses these fields, potentially allowing code execution on the host. The thre...
CVE-2022-34292
CVE-2022-34292 affects Docker Desktop for Windows prior to 4.6.0. The vulnerability stems from a symlink attack on the hyperv/create dockerBackendV2 API, where an attacker can influence the DataFolder parameter for DockerDesktop.vhdx to overwrite arbitrary files. This is described as a related is...
CVE-2024-8696
CVE-2024-8696 affects Docker Desktop versions before 4.34.2. The issue is a remote code execution (RCE) vulnerability that can be abused by a malicious extension via crafted extension publisher-url/additional-urls. Multiple connected sources corroborate an RCE risk tied to extension handling, wit...
CVE-2021-37841
Docker Desktop (Windows) vulnerability CVE-2021-37841 affects versions prior to 3.6.0. The issue is erroneous access control that allows a low-privilege user who can access the Windows containers server to read, write, and potentially execute code inside containers, enabling full container compro...
CVE-2022-38730
CVE-2022-38730 affects Docker Desktop for Windows prior to 4.6. The vulnerability arises in the WindowsContainerStartRequest path, where an attacker can influence the data-root field inside the DaemonJSON of the WindowsContainerStartRequest, triggering a TOCTOU race that enables overwriting arbit...
CVE-2026-2664
Summary: CVE-2026-2664 is an out-of-bounds read in the grpcfuse kernel module used by Docker Desktop’s Linux VM on Windows, Linux, and macOS. Affected: Docker Desktop versions up to 4.61.0. Attack vector: local attacker could exploit by writing to /proc/docker entries, with impact described as un...