diff --git a/CHANGELOG.md b/CHANGELOG.md
index 19d52e4688..094f26047b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 1.25.2 - 23 June 2023
+### Fixed
+* Fixed a potential security issue involving Markdown tooltips for containers. [#3983](https://github.com/microsoft/vscode-docker/pull/3983)
+
 ## 1.25.1 - 16 May 2023
 ### Fixed
 * The extension was not activating when a Dockerfile was opened. [#3928](https://github.com/microsoft/vscode-docker/pull/3928)
diff --git a/package-lock.json b/package-lock.json
index 1a731577a3..2926105685 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
     "name": "vscode-docker",
-    "version": "1.25.1",
+    "version": "1.25.2",
     "lockfileVersion": 2,
     "requires": true,
     "packages": {
         "": {
             "name": "vscode-docker",
-            "version": "1.25.1",
+            "version": "1.25.2",
             "license": "SEE LICENSE IN LICENSE.md",
             "dependencies": {
                 "@azure/arm-authorization": "^8.3.3",
diff --git a/package.json b/package.json
index 199435eace..6fbb8075ab 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "vscode-docker",
-    "version": "1.25.1",
+    "version": "1.25.2",
     "publisher": "ms-azuretools",
     "displayName": "Docker",
     "description": "Makes it easy to create, manage, and debug containerized applications.",
diff --git a/src/tree/resolveTooltipMarkdown.ts b/src/tree/resolveTooltipMarkdown.ts
index 299c2225c3..2d4a33719f 100644
--- a/src/tree/resolveTooltipMarkdown.ts
+++ b/src/tree/resolveTooltipMarkdown.ts
@@ -13,7 +13,7 @@ export async function resolveTooltipMarkdown(templateString: string, context: un
 
     const markdownString = template(context);
     const result = new MarkdownString(markdownString, true);
-    result.isTrusted = true;
+    result.isTrusted = { enabledCommands: ['revealFileInOS'] }; // revealFileInOS is used in container tooltips
     return result;
 }