CPE Details
Docker Desktop 2.3.0.3
2.3.0.3
2020-06-09
09h57 +00:00
09h57 +00:00
2020-06-09
09h57 +00:00
09h57 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:docker:docker_desktop:2.3.0.3:*:*:*:*:*:*:*
Informations
Vendor
dockerProduct
docker_desktopVersion
2.3.0.3Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation (LPE).This issue affects Docker Desktop: before 4.12.0. | 7.8 |
Haute |
||
| Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0. | 9.8 |
Critique |
||
| Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0. | 9.8 |
Critique |
||
| Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0. | 8 |
Haute |
||
| Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL. | 7.8 |
Haute |
||
| Docker Desktop 4.3.0 has Incorrect Access Control. | 8.4 |
Haute |
||
| Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any administrator writable files by creating a symlink in place of where the installer writes its log file. Starting from version 4.6.0, the Docker Desktop installer, when run elevated, will write its log files to a location not writable by non-administrator users. | 7.1 |
Haute |
||
| Docker Desktop before 4.4.4 on Windows allows attackers to move arbitrary files. | 5.3 |
Moyen |
||
| com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification. | 7.8 |
Haute |
2025©
tesweb SA
