Product:

Docker_desktop

(Docker)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 14
Date Id Summary Products Score Patch Annotated
2023-09-25 CVE-2023-0633 In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation (LPE).This issue affects Docker Desktop: before 4.12.0. Docker_desktop 7.8
2023-09-25 CVE-2023-5165 Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. This issue has been fixed in Docker Desktop 4.23.0. Affected Docker Desktop versions: from 4.13.0 before 4.23.0. Docker_desktop 8.8
2023-09-25 CVE-2023-5166 Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0. Docker_desktop 6.5
2020-06-05 CVE-2020-11492 An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges. Docker_desktop 7.8