Dash by Docker

by Docker Incv0.20.0

Last updated Jun 8, 2026

Dash by Docker lets you run AI coding agents in isolated environments on your machine.

Install with winget

$ winget install --id Docker.ds --exact --version 0.20.0

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Dash by Docker

Dash by Docker uses MSI (WiX). The silent install switches are /quiet /norestart.

One-line silent install (x86, user scope)

msiexec.exe /i DockerSandboxes.msi /quiet /norestart

See the full silent install reference for Dash by Docker →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

Dash by Docker gives agents safe, isolated environments to work in.

Installers · v0.20.0

Architecture	Type	Scope	Install	Download
x86	MSI WiX	user		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

7 known CVEs via NVD

high7.8Fix in v4.5.1CVE-2022-25365affects before 4.5.1Feb 18, 2022
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774.
Patch Vendor advisory
medium6.5Fix in v19.03.15CVE-2021-21285affects before 19.03.15, 20.10.3Feb 2, 2021
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.
Patch Vendor advisory
medium6.8Fix in v19.03.15CVE-2021-21284affects before 19.03.15, 20.10.3Feb 2, 2021
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host files...
Patch Vendor advisory
high7.8Fix in v2.5.0.0CVE-2021-3162affects before 2.5.0.0Jan 15, 2021
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
Vendor advisory
medium5.3Fix in v19.03.9CVE-2020-27534affects before 19.03.9Dec 30, 2020
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
high8.8Patched in wingetCVE-2020-14300affects v1.13.1Jul 13, 2020
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the...
Vendor advisory
high8.8Patched in wingetCVE-2020-14298affects v1.13.1Jul 13, 2020
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container...
Patch Vendor advisory

Source: NVD, updated 6h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Frequently asked questions

How do I install Dash by Docker on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Docker.ds --exact --version 0.20.0. winget downloads the installer from Docker Inc and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Dash by Docker silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Docker.ds --exact 0.20.0 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Dash by Docker?

Dash by Docker uses MSI (WiX). Run the downloaded installer with: msiexec.exe /i DockerSandboxes.msi /quiet /norestart. The silent switches are /quiet /norestart.

How do I uninstall Dash by Docker via winget?

Run: winget uninstall --id Docker.ds --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Dash by Docker's Apps & Features entry.

Is Dash by Docker free?

Dash by Docker is distributed under Proprietary. Refer to the publisher (https://docs.docker.com/ai/sandboxes/) for the full license terms - Wingetly itself does not charge for installation.

Does Dash by Docker work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Dash by Docker directly from the publisher.

How do I keep Dash by Docker up to date?

Run winget upgrade --id Docker.ds --exact, or winget upgrade --all to update everything winget tracks. We index 8 versions of Dash by Docker from microsoft/winget-pkgs.

Recent versions

0.20.0latest
0.19.0
0.18.7
0.18.6
0.18.5
0.18.4
0.18.3
0.17.0