It was discovered that containerd could be made to expose sensitive
information when processing URLs in container image manifests. A
remote attacker could use this to trick the user and obtain the
user’s registry credentials.

References

ubuntu.com/security/CVE-2020-15157

ubuntu.com/security/notices/USN-4589-2

osv 4

photon 3

prion 1

github 1

mageia 1

ubuntu 2

veracode 1

openvas 14

nvd 1

redhatcve 1

debiancve 1

amazon 1

cve 1

nessus 17

ubuntucve 1

oraclelinux 3

cvelist 1

threatpost 3

debian 1

redhat 3

suse 1

osv

containerd vulnerability

2020-10-15 19:58:02

CVE-2020-15157

2020-10-16 17:15:11

containerd v1.2.x can be coerced into leaking credentials during image pull

2022-02-11 23:27:39

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0292

2020-10-23 00:00:00

Important Photon OS Security Update - PHSA-2020-0155

2020-10-24 00:00:00

Important Photon OS Security Update - PHSA-2020-3.0-0155

2020-10-24 00:00:00

prion

Design/Logic Flaw

2020-10-16 17:15:00

github

containerd v1.2.x can be coerced into leaking credentials during image pull

2022-02-11 23:27:39

mageia

Updated docker packages fix a security vulnerability

2020-11-09 17:48:43

ubuntu

containerd vulnerability

2020-10-15 00:00:00

Docker vulnerability

2020-10-15 00:00:00

veracode

Information Disclosure

2020-10-18 01:59:36

openvas

Ubuntu: Security Advisory (USN-4589-2)

2020-10-16 00:00:00

Mageia: Security Advisory (MGASA-2020-0406)

2022-01-28 00:00:00

Ubuntu: Security Advisory (USN-4589-1)

2020-10-16 00:00:00

nvd

CVE-2020-15157

2020-10-16 17:15:11

redhatcve

CVE-2020-15157

2020-10-21 15:55:41

debiancve

CVE-2020-15157

2020-10-16 17:15:11

amazon

Medium: containerd

2021-12-28 23:54:00

cve

CVE-2020-15157

2020-10-16 17:15:11

nessus

Ubuntu 16.04 LTS : containerd vulnerability (USN-4589-1)

2020-10-16 00:00:00

Photon OS 2.0: Containerd PHSA-2020-2.0-0292

2020-10-23 00:00:00

Oracle Linux 7 : docker-engine / docker-cli (ELSA-2020-5900)

2020-10-28 00:00:00

ubuntucve

CVE-2020-15157

2020-10-15 00:00:00

oraclelinux

containerd security update

2020-11-02 00:00:00

docker-engine docker-cli security update

2020-10-28 00:00:00

docker-cli docker-engine security update

2020-12-05 00:00:00

cvelist

CVE-2020-15157 containerd can be coerced into leaking credentials during image pull

2020-10-16 16:45:18

threatpost

Deep Dive: Protecting Against Container Threats in the Cloud

2022-05-02 12:15:36

Containerd Bug Exposes Cloud Account Credentials

2020-10-26 17:12:13

Nvidia Warns Gamers of Severe GeForce Experience Flaws

2020-10-23 14:09:28

debian

[SECURITY] [DSA 4865-1] docker.io security update

2021-02-27 18:36:39

redhat

(RHSA-2020:5634) Moderate: OpenShift Container Platform 4.7.0 packages security update

2021-02-24 13:56:32

(RHSA-2020:5635) Moderate: OpenShift Container Platform 4.7.0 extras and security update

2021-02-24 14:47:52

(RHSA-2020:5633) Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update

2021-02-24 14:49:26

suse

Security update for conmon, libcontainers-common, libseccomp, podman (moderate)

2022-03-04 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.3%

JSON

Related for OSV:USN-4589-2