CVE-2023-0627— Docker Desktop 4.11.x allows --no-windows-containers flag bypass
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-0627
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Docker Desktop 4.11.x allows --no-windows-containers flag bypass
Source: NVD (National Vulnerability Database)
Vulnerability Description
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation (LPE).This issue affects Docker Desktop: 4.11.X.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
违背信任边界
Source: NVD (National Vulnerability Database)
Vulnerability Title
Docker Desktop 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Docker Desktop是美国Docker公司的一个基于容器技术的用于轻量化部署应用的桌面软件。该产品可提供桌面环境可支持在Linux/Windows/Mac OS系统上创建一个容器(轻量级虚拟机)并部署和运行应用程序,以及通过配置文件实现应用程序的自动化安装、部署和升级。 Docker Desktop 存在安全漏洞,该漏洞源于通过 IPC 响应欺骗绕过 --no-windows-containers 标志,这可能会导致本地权限升级 (LPE)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Docker Inc. | Docker Desktop | 4.11.x | - |
II. Public POCs for CVE-2023-0627
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-0627
请登录查看更多情报信息。
- https://docs.docker.com/desktop/release-notes/#4120release-notes
- https://nvd.nist.gov/vuln/detail/CVE-2023-0627
Same Patch Batch · Docker Inc. · 2023-09-25 · 6 CVEs total
| CVE-2023-5166 | 8.0 HIGH | Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL |
| CVE-2023-0626 | 8.0 HIGH | Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box rout |
| CVE-2023-0625 | 8.0 HIGH | Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or c |
| CVE-2023-0633 | 7.2 HIGH | In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result i |
| CVE-2023-5165 | 7.1 HIGH | Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell |
IV. Related Vulnerabilities
Same product: Docker Desktop
- CVE-2026-2664
Out of bounds read vulnerability in grpcfuse kernel module - CVE-2025-14740
Docker Desktop for Windows Incorrect Permission Assignment P - CVE-2025-13743
Expired Personal Access Tokens (PATs) are recorded in Docker - CVE-2025-9164
Multiple DLL Search Order Hijacking Vulnerabilities in Docke - CVE-2025-10657
Docker Desktop with ECI Fails to Enforce Socket Command Rest
Same vendor: Docker Inc.
- CVE-2025-14740
Docker Desktop for Windows Incorrect Permission Assignment P - CVE-2024-6222
In Docker Desktop before v4.29.0 an attacker who has gained - CVE-2024-5652
In Docker Desktop on Windows before v4.31.0 allows a user in - CVE-2023-0633
In Docker Desktop on Windows before 4.12.0 an argument injec - CVE-2023-0626
Docker Desktop before 4.12.0 is vulnerable to RCE via query
Same weakness: CWE-501
- CVE-2026-24153
NVIDIA Jetson Linux 安全漏洞 - CVE-2026-25725
Claude Code Has Sandbox Escape via Persistent Configuration - CVE-2025-14542
Command execution in python-utcp allows attackers to achieve - CVE-2025-49714
Visual Studio Code Python Extension Remote Code Execution Vu - CVE-2025-48938
Prevent GitHub CLI and extensions from executing arbitrary c
V. Comments for CVE-2023-0627
No comments yet