Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog.
This issue affects Docker Desktop: before 4.12.0.