
Cloud Vulnerability DB
A community-led vulnerabilities database
Docker Desktop versions 4.3.0 and 4.3.1 contain a vulnerability that may expose sensitive information (an access token or password) in log files during user login. The vulnerability only affects users who ran one of these specific versions and logged in while using it. Reading the exposed data requires access to the user's local files (NVD).
The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. The vulnerability is classified under CWE-532 (Insertion of Sensitive Information into Log File). The issue specifically involves the logging of sensitive authentication information during the login process (NVD).
The vulnerability could expose sensitive authentication credentials, including access tokens or passwords, if an attacker gains access to the user's local files. This could allow unauthorized access to the user's Docker account and resources (NVD).
Users should upgrade from Docker Desktop versions 4.3.0 and 4.3.1 to a newer version where this vulnerability has been fixed. The issue only affects users who have logged in while using these vulnerable versions (Docker Release Notes).
Source: This report was generated using AI