Vulnerabilities > Docker > Desktop > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-5652 | Unspecified vulnerability in Docker Desktop In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode. | 5.5 |
| 2023-04-27 | CVE-2022-38730 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Docker Desktop Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. | 6.3 |
| 2021-08-12 | CVE-2021-37841 | Incorrect Permission Assignment for Critical Resource vulnerability in Docker Desktop Docker Desktop before 3.6.0 suffers from incorrect access control. | 4.6 |