CVE-2023-0625

HIGH

Docker Desktop <4.12.0 - RCE

Title source: llm
STIX 2.1

Description

Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0.

References (1)

Scores

CVSS v3 8.0
EPSS 0.0040
EPSS Percentile 61.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-94 CWE-829 CWE-79
Status published
Products (1)
docker/docker_desktop < 4.12.0
Published Sep 25, 2023
Tracked Since Feb 18, 2026