Unrated severityNVD Advisory· Published Apr 27, 2023· Updated Jan 31, 2025
CVE-2022-37326
CVE-2022-37326
Description
Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Docker/Docker Desktop for Windowsdescription
- Range: <4.6.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.