4.11.1

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

docker

NVD

Published: 2023-09-25

Updated: 2023-09-25

Summary

Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation (LPE).This issue affects Docker Desktop: 4.11.X.

Vulnerable Configurations

Part	Description	Count
Application	Docker Docker Docker Desktop 4.11.0 Docker Docker Desktop 4.11.1	2

References

https://docs.docker.com/desktop/release-notes/#4120