Docker Desktop Security Vulnerabilities and Issues — Docker Desktop CVE List

Lucene search

DockerDocker Desktop

6 matches found

CVE•added 2023/09/25 4:15 p.m.•62 views

CVE-2023-0626

Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0.

9.8CVSS8.3AI score0.00405EPSS

CVE•added 2023/09/25 4:15 p.m.•53 views

CVE-2023-5165

Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assu...

8.8CVSS7.4AI score0.00015EPSS

CVE•added 2023/09/25 4:15 p.m.•51 views

CVE-2023-5166

Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0.

8CVSS6.8AI score0.0018EPSS

CVE•added 2023/09/25 4:15 p.m.•50 views

CVE-2023-0633

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation (LPE).This issue affects Docker Desktop: before 4.12.0.

7.8CVSS7.5AI score0.0007EPSS

CVE•added 2023/09/25 4:15 p.m.•42 views

CVE-2023-0627

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation (LPE).This issue affects Docker Desktop: 4.11.X.

7.8CVSS6.8AI score0.00035EPSS

CVE•added 2023/09/25 4:15 p.m.•36 views

CVE-2023-0625

Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0.

9.8CVSS8.2AI score0.00405EPSS