Unrated severityNVD Advisory· Published Mar 13, 2023· Updated Feb 27, 2025
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL
CVE-2023-0628
Description
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- docs.docker.com/desktop/release-notes/mitrerelease-notes
News mentions
0No linked articles in our index yet.