Docker: >> Docker Desktop >> 4.12.0 Security Vulnerabilities
Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.
This issue affects Docker Desktop: before 4.23.0.
CVSS Score
8.0
EPSS Score
0.002
Published
2023-09-25
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-03-13