Docker Desktop vulnerabilities

32 known vulnerabilities affecting docker/docker_desktop.

Total CVEs: 32
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 20, MEDIUM 7

Vulnerabilities

Page 2 of 2

CVE-2020-11492 | P3 | HIGH | CVSS 7.8 | ≤ 2.2.0.5 | 2020-06-05
[HIGH] CWE-362: An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges.
Source: nvd

CVE-2020-15360 | P3 | HIGH | CVSS 7.8 | v2.3.0.3 | 2020-06-27
[HIGH] CWE-862: com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification.
Source: nvd

CVE-2026-8936 | P3 | HIGH | CVSS 8.2 | ≥ 4.33.0, < 4.76.0 | 2026-06-02
[HIGH] CWE-674: Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0.
Source: nvd

CVE-2023-0629 | P4 | HIGH | CVSS 7.1 | ≥ 4.13.0, < 4.17.0 | 2023-03-13
[HIGH] CWE-424: Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linux on Windows, via the -H (--host) CLI flag or the DOCKER_HOST environment variable and launch containers without the additional hardening features provided
Source: nvd

CVE-2023-5166 | P4 | MEDIUM | CVSS 6.5 | fixed in 4.23.0 | 2023-09-25
[MEDIUM] CWE-200: Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0.
Source: nvd

CVE-2022-26659 | P4 | HIGH | CVSS 7.1 | fixed in 4.6.0 | 2022-03-25
[HIGH] CWE-59: Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any administrator writable files by creating a symlink in place of where the installer writes its log file. Starting from version 4.6.0, the Docker Desktop installer, when run elevated, will write its log files to a location not writable by non-administrator us
Source: nvd

CVE-2022-23774 | P4 | MEDIUM | CVSS 5.3 | fixed in 4.4.4 | 2022-02-01
[MEDIUM]: Docker Desktop before 4.4.4 on Windows allows attackers to move arbitrary files.
Source: nvd

CVE-2021-45449 | P4 | MEDIUM | CVSS 5.5 | v4.3.0, v4.3.1 | 2022-01-12
[MEDIUM] CWE-532: Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login. This only affects users if they are on Docker Desktop 4.3.0, 4.3.1 and the user has logged in while on 4.3.0, 4.3.1. Gaining access to this data would require having access to the user's local files.
Source: nvd

CVE-2025-1696 | P4 | MEDIUM | CVSS 5.2 | fixed in 4.39.0 | 2025-03-06
[MEDIUM] CWE-532: A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data, potentially including sensitive details, was written to log files in clear text whenever an HTTP GET request was made through a proxy. An attacker
Source: nvd

CVE-2025-6587 | P4 | MEDIUM | CVSS 5.2 | fixed in 4.43.0 | 2025-07-03
[MEDIUM] CWE-532: System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use them to gain unauthorized access to other systems. Startin
Source: nvd

CVE-2025-3911 | P4 | MEDIUM | CVSS 5.2 | fixed in 4.41.0 | 2025-04-29
[MEDIUM] CWE-532: Recording of environment variables, configured for running containers, in Docker Desktop application logs could lead to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain sensitive credentials information and further use it to gain unauthorized access to ot
Source: nvd

CVE-2025-4095 | P4 | MEDIUM | CVSS 4.3 | ≥ 4.36.0, < 4.41.0 | 2025-04-29
[MEDIUM] CWE-862: Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would allow Docker Desktop users to pull down unapproved, and potentially malicious
Source: nvd