Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view
CVE-2024-9348

Currently unrated

Key Information:

Vendor: Docker
Status: Docker Desktop
Vendor: CVE Published:; 16 October 2024

🔔 Create Docker Vulnerability Alert

What is CVE-2024-9348?

Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.

Affected Version(s)

Docker Desktop Windows 0 < 4.34.3

References

https://docs.docker.com/desktop/release-notes/#4343

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2024

Credit

Cure53

.