📦 Docker Desktop

Docker Desktop diagnostics bundles inadvertently include expired Personal Access Tokens (PATs) in log output due to error object serialization issues. This vulnerability allows sensitive credential le...

CVE-2023-5165 allows unprivileged users to bypass Enhanced Container Isolation (ECI) restrictions in Docker Desktop by accessing a debug shell during a short time window after launch. This affects Doc...

This vulnerability in Docker Desktop allows remote code execution (RCE) when a malicious extension description or changelog is processed. Attackers can exploit this to run arbitrary code on the host s...

This vulnerability in Docker Desktop for Windows allows local attackers to escalate privileges through argument injection in the installer. Attackers with local access can exploit this to gain elevate...

This vulnerability allows unprivileged users on Docker Desktop to bypass Enhanced Container Isolation (ECI) restrictions by connecting to Docker's raw socket or named pipe. This affects Docker Busines...

CVE-2021-44719 is an incorrect access control vulnerability in Docker Desktop 4.3.0 that allows unauthorized users to access Docker Desktop features and potentially execute arbitrary code. This affect...

This vulnerability allows attackers to overwrite administrator-writable files on Windows systems by exploiting a symlink vulnerability in Docker Desktop installer log file handling. Attackers can crea...