M. Haunschmid

**Name of the Vulnerable Software and Affected Versions** Docker Desktop versions prior to 4.23.0 **Description** The issue affects Docker Desktop and is related to the disclosure of protected information. It allows a remote attacker to obtain an access token using a specially crafted extension icon URL. **Recommendations** For Docker Desktop versions prior to 4.23.0, update to version 4.23.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted extension icon URLs to minimize the risk of exploitation.