Docker Desktop@* Security Vulnerabilities and Issues — Docker Desktop@* CVE List

Lucene search

DockerDocker Desktop*

5 matches found

CVE•added 2023/03/13 12:15 p.m.•72 views

CVE-2023-0628

Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL.

7.8CVSS7AI score0.00059EPSS

CVE•added 2023/09/25 4:15 p.m.•63 views

CVE-2023-0626

Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0.

9.8CVSS8.3AI score0.00405EPSS

CVE•added 2023/09/25 4:15 p.m.•52 views

CVE-2023-5166

Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0.

8CVSS6.8AI score0.0018EPSS

CVE•added 2023/09/25 4:15 p.m.•51 views

CVE-2023-0633

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation (LPE).This issue affects Docker Desktop: before 4.12.0.

7.8CVSS7.5AI score0.0007EPSS

CVE•added 2023/09/25 4:15 p.m.•38 views

CVE-2023-0625

Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0.

9.8CVSS8.2AI score0.00405EPSS