Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-14460

Summary
Assigner-TR-CERT
Assigner Org ID-ca940d4e-fea4-4aa2-9a58-591a58b1ce21
Published At-03 Jul, 2026 | 14:14
Updated At-03 Jul, 2026 | 14:14
Rejected At-
Credits

Missing Authorization in TUBITAK BILGEM's pardus-software

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:TR-CERT
Assigner Org ID:ca940d4e-fea4-4aa2-9a58-591a58b1ce21
Published At:03 Jul, 2026 | 14:14
Updated At:03 Jul, 2026 | 14:14
Rejected At:
▼CVE Numbering Authority (CNA)
Missing Authorization in TUBITAK BILGEM's pardus-software

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

Affected Products
Vendor
TUBITAK BILGEM Software Technologies Research Institute
Product
pardus-software
Default Status
unaffected
Versions
Affected
  • From <= 1.0.4 before 1.0.5 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-862CWE-862 Missing Authorization
Type: CWE
CWE ID: CWE-862
Description: CWE-862 Missing Authorization
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-6CAPEC-6 Argument Injection
CAPEC ID: CAPEC-6
Description: CAPEC-6 Argument Injection
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Kerem Kaan DASMAZ
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0497
government-resource
Hyperlink: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0497
Resource:
government-resource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:iletisim@usom.gov.tr
Published At:03 Jul, 2026 | 15:16
Updated At:03 Jul, 2026 | 15:16

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-862Primaryiletisim@usom.gov.tr
CWE ID: CWE-862
Type: Primary
Source: iletisim@usom.gov.tr
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0497iletisim@usom.gov.tr
N/A
Hyperlink: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0497
Source: iletisim@usom.gov.tr
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

17Records found

CVE-2026-14459
Matching Score-8
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-8
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-8.8||HIGH
EPSS-Not Assigned
Published-03 Jul, 2026 | 14:09
Updated-03 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Argument Injection in TUBITAK BILGEM's pardus-software

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

Action-Not Available
Vendor-TUBITAK BILGEM Software Technologies Research Institute
Product-pardus-software
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2025-43358
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-0.28% / 19.46%
||
7 Day CHG~0.00%
Published-15 Sep, 2025 | 22:35
Updated-02 Apr, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A shortcut may be able to bypass sandbox restrictions.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadosmacosmacOSiOS and iPadOS
CWE ID-CWE-862
Missing Authorization
CVE-2025-43329
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-0.29% / 20.61%
||
7 Day CHG~0.00%
Published-15 Sep, 2025 | 22:35
Updated-02 Apr, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to break out of its sandbox.

Action-Not Available
Vendor-Apple Inc.
Product-tvoswatchosmacosiphone_osipadosmacOSwatchOSiOS and iPadOStvOS
CWE ID-CWE-862
Missing Authorization
CVE-2026-33785
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.14% / 3.53%
||
7 Day CHG~0.00%
Published-09 Apr, 2026 | 21:37
Updated-17 Apr, 2026 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: MX Series: Missing Authorization for specific 'request' CLI commands in a JDM/CSDS scenario

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, can issue 'request csds' CLI operational commands. These commands are only meant to be executed by high privileged or users designated for Juniper Device Manager (JDM) / Connected Security Distributed Services (CSDS) operations as they will impact all aspects of the devices managed via the respective MX. This issue affects Junos OS on MX Series: * 24.4 releases before 24.4R2-S3,  * 25.2 releases before 25.2R2. This issue does not affect Junos OS releases before 24.4.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-mx204mx2008mx10004mx10008mx2020mx960mx301mx240mx304mx2010mx480junosJunos OS
CWE ID-CWE-862
Missing Authorization
CVE-2021-3653
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.41% / 33.16%
||
7 Day CHG~0.00%
Published-29 Sep, 2021 | 19:41
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-862
Missing Authorization
CVE-2021-3656
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.66% / 46.96%
||
7 Day CHG~0.00%
Published-04 Mar, 2022 | 18:41
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serversoftware_collectionsenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_server_ausopenstackvirtualization_hostenterprise_linux3scale_api_managemententerprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusenterprise_linux_desktopcodeready_linux_builderenterprise_linux_for_scientific_computinglinux_kernelenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_workstationfedoraenterprise_linux_for_ibm_z_systemsenterprise_linux_eusenterprise_linux_for_power_little_endian_eusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_server_tusenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_real_timeenterprise_linux_for_power_big_endianKVM
CWE ID-CWE-862
Missing Authorization
CVE-2024-38179
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.43% / 34.45%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-09 Jun, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability

Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_stack_hciAzure Stack HCI OSAzure Stack OS HCI
CWE ID-CWE-862
Missing Authorization
CVE-2020-29479
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.30% / 22.17%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 17:06
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged guests can get and modify permissions, list, and delete the root node. (Deleting the whole xenstore tree is a host-wide denial of service.) Achieving xenstore write access is also possible. All systems using oxenstored are vulnerable. Building and using oxenstored is the default in the upstream Xen distribution, if the Ocaml compiler is available. Systems using C xenstored are not vulnerable.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoran/a
CWE ID-CWE-862
Missing Authorization
CVE-2020-13512
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.53% / 40.71%
||
7 Day CHG~0.00%
Published-18 Dec, 2020 | 19:42
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. Using the IRP 0x9c40a0d8 gives a low privilege user direct access to the OUT instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability.

Action-Not Available
Vendor-nzxtn/a
Product-camNZXT
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-862
Missing Authorization
CVE-2020-13514
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.53% / 40.72%
||
7 Day CHG~0.00%
Published-18 Dec, 2020 | 19:42
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. Using the IRP 0x9c40a0e0 gives a low privilege user direct access to the OUT instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability.

Action-Not Available
Vendor-nzxtn/a
Product-camNZXT
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-862
Missing Authorization
CVE-2020-13519
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.57% / 42.81%
||
7 Day CHG~0.00%
Published-18 Dec, 2020 | 19:52
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability.

Action-Not Available
Vendor-nzxtn/a
Product-camNZXT"
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-862
Missing Authorization
CVE-2020-13513
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.53% / 40.72%
||
7 Day CHG~0.00%
Published-18 Dec, 2020 | 19:42
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. Using the IRP 0x9c40a0dc gives a low privilege user direct access to the OUT instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability.

Action-Not Available
Vendor-nzxtn/a
Product-camNZXT
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-862
Missing Authorization
CVE-2020-13515
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.53% / 40.72%
||
7 Day CHG~0.00%
Published-18 Dec, 2020 | 19:38
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause an adversary to obtain elevated privileges. An attacker can send a malicious IRP to trigger this vulnerability.

Action-Not Available
Vendor-nzxtn/a
Product-camNZXT
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-862
Missing Authorization
CVE-2019-1170
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.9||HIGH
EPSS-2.43% / 82.26%
||
7 Day CHG~0.00%
Published-14 Aug, 2019 | 20:55
Updated-20 Feb, 2026 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows NTFS Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by preventing sandboxed processes from creating reparse points targeting inaccessible files.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10windows_server_2019Windows Server 2019 (Server Core installation)Windows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1809Windows 10 Version 1903 for 32-bit SystemsWindows Server 2019Windows Server, version 1903 (Server Core installation)
CWE ID-CWE-862
Missing Authorization
CVE-2025-49723
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.30% / 22.23%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:57
Updated-13 Feb, 2026 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows StateRepository API Server file Tampering Vulnerability

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_22h2windows_server_2022windows_11_24h2windows_server_2022_23h2windows_11_22h2windows_11_23h2windows_10_1809windows_server_2025windows_10_21h2windows_server_2019Windows Server 2025Windows Server 2022Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 11 version 22H2Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows 10 Version 22H2Windows Server 2019
CWE ID-CWE-862
Missing Authorization
CVE-2024-21417
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.37% / 28.97%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 23:30
Updated-10 Feb, 2026 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Text Services Framework Elevation of Privilege Vulnerability

Windows Text Services Framework Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_server_2022_23h2windows_11_22h2windows_10_22h2windows_11_21h2windows_10_21h2windows_10_1809windows_server_2022windows_server_2019Windows Server 2022Windows 11 version 21H2Windows Server 2019 (Server Core installation)Windows 11 Version 23H2Windows 10 Version 1809Windows 11 version 22H2Windows 10 Version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows 10 Version 22H2Windows Server 2019
CWE ID-CWE-862
Missing Authorization
CVE-2023-5165
Matching Score-4
Assigner-Docker Inc.
ShareView Details
Matching Score-4
Assigner-Docker Inc.
CVSS Score-7.1||HIGH
EPSS-0.22% / 13.16%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 15:29
Updated-24 Sep, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell

Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. This issue has been fixed in Docker Desktop 4.23.0. Affected Docker Desktop versions: from 4.13.0 before 4.23.0.

Action-Not Available
Vendor-Docker, Inc.
Product-docker_desktopDocker Desktop
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-424
Improper Protection of Alternate Path
Details not found