CVE-2023-0625 – Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog
https://notcve.org/view.php?id=CVE-2023-0625
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0. • https://docs.docker.com/desktop/release-notes/#4120 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'); CWE-94: Improper Control of Generation of Code ('Code Injection'); CWE-829: Inclusion of Functionality from Untrusted Control Sphere
CVE-2023-23567
https://notcve.org/view.php?id=CVE-2023-23567
A specially crafted file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1729 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer; CWE-787: Out-of-bounds Write
CVE-2023-35002
https://notcve.org/view.php?id=CVE-2023-35002
A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-32653
https://notcve.org/view.php?id=CVE-2023-32653
A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1802 • CWE-191: Integer Underflow (Wrap or Wraparound); CWE-787: Out-of-bounds Write
CVE-2023-39453
https://notcve.org/view.php?id=CVE-2023-39453
A specially crafted malformed file can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1830 • CWE-416: Use After Free