Download
| Alert*
|
oval:org.secpod.oval:def:63942
Docker Desktop EE is installed oval:org.secpod.oval:def:87196 The host is installed with Docker Desktop before 4.5.1 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to move arbitrary files. oval:org.secpod.oval:def:87197 The host is installed with Docker Desktop before 4.4.4 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to move arbitrary files. oval:org.secpod.oval:def:94183 The host is installed with Docker Desktop Docker Docker_desktop versions less than 4.12.0 and is prone to a Rce vulnerability. A flaw is present in the application, which fails to properly handle a crafted extension description or changelog. Successful exploitation could allow an attacker to cause r ... oval:org.secpod.oval:def:94185 The host is installed with Docker Desktop Docker desktop 4.11.0 before 4.12.0, and is prone to a Local privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle ipc response spoofing. Successful exploitation allows an attacker to gain local privileges. oval:org.secpod.oval:def:94184 The host is installed with Docker Desktop Docker Docker_desktop versions less than 4.12.0 and is prone to a Rce vulnerability. A flaw is present in the application, which fails to properly handle query parameters in message-box route. Successful exploitation allows an attacker to cause remote code e ... oval:org.secpod.oval:def:94186 The host is installed with Docker Desktop before 4.12.0 and is prone to an argument injection vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to gain local privilege. oval:org.secpod.oval:def:94187 The host is installed with Docker Desktop 4.13.0 before 4.23.0, and is prone to an improper protection of alternate path vulnerability. A flaw is present in the application, which fails to properly handle the debug shell which remains accessible for a short time window after launching docker desktop ... oval:org.secpod.oval:def:94188 The host is installed with Docker Desktop Docker Docker_desktop versions less than 4.23.0 and is prone to an access token theft vulnerability. A flaw is present in the application, which fails to properly handle crafted extension icon URL. Successful exploitation could allow an attacker to cause uns ... oval:org.secpod.oval:def:89518 The host is installed with Docker Desktop before 4.17.x and is prone to a command injection vulnerability. A flaw is present in the application, which fails to handle a specially crafted malicious docker-desktop:// URL. Successful exploitation allows an attacker to execute an arbitrary command insid ... oval:org.secpod.oval:def:89517 The host is installed with Docker Desktop before 4.17.x and is prone to a bypass vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation allows an unprivileged user to bypass ECI restrictions by setting Docker host to docker.r ... oval:org.secpod.oval:def:97424 The host is installed with Docker Desktop before 4.27.1 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle two malicious build steps running in parallel sharing the same cache mounts with subpaths. Successful exploitation allows ... oval:org.secpod.oval:def:97425 The host is installed with Docker Desktop before 4.27.1 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle a malicious BuildKit frontend or Dockerfile using RUN --mount. Successful exploitation allows attackers to trick the feature th ... oval:org.secpod.oval:def:97426 The host is installed with Docker Desktop before 4.27.1 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the BuildKit APIs when running interactive containers based on built images. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:97427 The host is installed with Docker Desktop before 4.27.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malicious BuildKit client or frontend. Successful exploitation allows attackers to craft a request that could lead to Buil ... oval:org.secpod.oval:def:97428 The host is installed with Docker Desktop 4.19.0 before 4.27.1 and is prone to a cache poisoning vulnerability. A flaw is present in the application, which fails to properly handle the classic builder cache system of Moby project. Successful exploitation allows attackers to poison their cache by mak ... oval:org.secpod.oval:def:97423 The host is installed with Docker Desktop before 4.27.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an internal file descriptor leak issue in runc. Successful exploitation allows attackers to gain access to the host fi ... |
