Lucene search
Veracode Vulnerability DatabaseVERACODE:25319HistoryMay 10, 2020 - 11:25 p.m.
Information Disclosure
2020-05-1023:25:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.042 Low
EPSS
Percentile
92.3%
docker is vulnerable to information disclosure. The vulnerability exists as debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret.
| CPE | Name | Operator | Version |
|---|---|---|---|
| docker:3.9 | eq | 18.09.8-r0 | |
| docker:3.10 | eq | 18.09.8-r0 | |
| docker:3.9 | eq | 18.09.8-r0 | |
| docker:3.10 | eq | 18.09.8-r0 |
References
lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html
www.securityfocus.com/bid/109253
docs.docker.com/engine/release-notes/
lists.fedoraproject.org/archives/list/[email protected]/message/N674WD3OBDPHLWY6EABRHQH5ON6SUJBU/
lists.fedoraproject.org/archives/list/[email protected]/message/PFFBVE7O73TAVY2BCWXSA2OOSLJVCPXC/
security.netapp.com/advisory/ntap-20190828-0003/
Related
alpinelinux
alpinelinux
CVE-2019-13509
2019-07-18 16:15:11
osv
osv
CVE-2019-13509
2019-07-18 16:15:11
Secret insertion into debug log in Docker
2022-05-24 16:50:40
docker.io - security update
2019-09-09 00:00:00
nvd
nvd
CVE-2019-13509
2019-07-18 16:15:11
openvas
openvas
Docker < 18.09.8 Information Disclosure Vulnerability
2019-07-29 00:00:00
Fedora Update for docker FEDORA-2019-5b54793a4a
2019-08-29 00:00:00
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2020-1283)
2020-03-20 00:00:00
prion
prion
Design/Logic Flaw
2019-07-18 16:15:00
nessus
nessus
Fedora 29 : 2:docker (2019-4bed83e978)
2019-08-28 00:00:00
EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2020-1283)
2020-03-20 00:00:00
Fedora 30 : 2:docker (2019-5b54793a4a)
2019-08-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-13509 affecting package moby-buildx 0.4.1-3
2021-07-08 21:56:42
fedora
fedora
[SECURITY] Fedora 30 Update: docker-1.13.1-68.git47e2230.fc30
2019-08-27 15:28:34
[SECURITY] Fedora 29 Update: docker-1.13.1-68.git47e2230.fc29
2019-08-27 18:38:02
cve
cve
CVE-2019-13509
2019-07-18 16:15:11
ubuntucve
ubuntucve
CVE-2019-13509
2019-07-18 00:00:00
cvelist
cvelist
CVE-2019-13509
2019-07-18 15:34:59
github
github
Secret insertion into debug log in Docker
2022-05-24 16:50:40
redhatcve
redhatcve
CVE-2019-13509
2019-07-23 11:21:44
debiancve
debiancve
CVE-2019-13509
2019-07-18 16:15:11
amazon
amazon
Medium: docker
2019-11-04 18:12:00
oraclelinux
oraclelinux
docker-engine security update
2019-10-03 00:00:00
debian
debian
[SECURITY] [DSA 4521-1] docker.io security update
2019-09-09 20:55:48
photon
photon
Important Photon OS Security Update - PHSA-2020-0085
2020-05-02 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0085
2020-05-02 00:00:00
suse
suse