Vulnerabilities > Docker > Docker Desktop > 4.12.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-25 | CVE-2023-5166 | Unspecified vulnerability in Docker Desktop Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0. | 6.5 |
| 2023-03-13 | CVE-2023-0628 | Command Injection vulnerability in Docker Desktop Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL. | 7.8 |