cvedb.io
CVE-2021-45449
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2022-01-12T20:15:08.567 · Last modified 2026-06-17T04:13:23.470

Summary

Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login. This only affects users if they are on Docker Desktop 4.3.0, 4.3.1 and the user has logged in while on 4.3.0, 4.3.1. Gaining access to this data would require having access to the user’s local files.

Affected products

docker — docker_desktop

Does this affect you?

Add your gear to cvedb and we'll alert you only when docker ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.