Read more: securityonline.info
Docker has addressed two critical vulnerabilities, CVE-2024-8695 and CVE-2024-8696, in Docker Desktop that could allow attackers to execute remote code. These vulnerabilities stem from flaws in how Docker Desktop handles crafted extension descriptions and potentially malicious extension code. The vulnerabilities underscore the risks associated with software extensions and emphasize the importance of prioritizing security updates. Organizations using Docker Desktop are strongly encouraged to update to the latest version to mitigate these risks and ensure the security of their containerized environments.