Desktop@* Security Vulnerabilities and Issues — Desktop@* CVE List

Lucene search

DockerDesktop*

4 matches found

CVE•added 2024/07/09 6:15 p.m.•57 views

CVE-2024-6222

In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 https://docs.docker.com/desktop/release-notes/#4290 fixes the iss...

7.3CVSS6.8AI score0.00526EPSS

CVE•added 2024/09/12 6:15 p.m.•50 views

CVE-2024-8695

A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2.

9.8CVSS9.8AI score0.00791EPSS

CVE•added 2024/09/12 6:15 p.m.•45 views

CVE-2024-8696

A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2.

9.8CVSS9.8AI score0.00791EPSS

CVE•added 2024/07/09 5:15 p.m.•43 views

CVE-2024-5652

In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode.

6.1CVSS5.8AI score0.00052EPSS