CVE-2022-37326
- EPSS 0.3%
- Veröffentlicht 27.04.2023 20:15:40
- Zuletzt bearbeitet 31.01.2025 20:15:29
Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. Th...
CVE-2022-34292
- EPSS 0.33%
- Veröffentlicht 27.04.2023 20:15:40
- Zuletzt bearbeitet 31.01.2025 20:15:29
Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647.
CVE-2022-31647
- EPSS 0.33%
- Veröffentlicht 27.04.2023 20:15:39
- Zuletzt bearbeitet 31.01.2025 20:15:28
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659.
CVE-2023-1802
- EPSS 0.55%
- Veröffentlicht 06.04.2023 09:15:07
- Zuletzt bearbeitet 21.11.2024 07:39:56
In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted network sniffing attack can lead to a disclosure of sensitive information. Only users who...
CVE-2021-37841
- EPSS 0.73%
- Veröffentlicht 12.08.2021 14:15:07
- Zuletzt bearbeitet 21.11.2024 06:15:57
Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation mod...
CVE-2020-10665
- EPSS 1.44%
- Veröffentlicht 18.03.2020 19:15:18
- Zuletzt bearbeitet 21.11.2024 04:55:48
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker...