Lucene search
Veracode Vulnerability DatabaseVERACODE:32362HistoryOct 05, 2021 - 2:51 a.m.
Information Disclosure
2021-10-0502:51:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
0.001 Low
EPSS
Percentile
48.1%
github.com/docker/cli is vulnerable to information disclosure. The vulnerability exists due to a misconfigured configuration file which when listing a credsStore or credHelpers that could not be executed would list credentials being sent to registry-1.docker.io rather than the intended private registry.
References
cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
lists.fedoraproject.org/archives/list/[email protected]/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/
lists.fedoraproject.org/archives/list/[email protected]/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/
Related
cvelist
cvelist
github
github
Docker CLI leaks private registry credentials to registry-1.docker.io
2024-06-10 18:38:49
osv
osv
CVE-2021-41092
2021-10-04 20:15:07
Docker CLI leaks private registry credentials to registry-1.docker.io in github.com/docker/cli
2024-07-01 21:50:42
docker.io vulnerability
2021-11-09 02:38:17
debiancve
debiancve
CVE-2021-41092
2021-10-04 20:15:07
wolfi
wolfi
CVE-2021-41092 vulnerabilities
2024-07-03 09:08:38
prion
prion
Path traversal
2021-10-04 20:15:00
alpinelinux
alpinelinux
CVE-2021-41092
2021-10-04 20:15:07
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Docker vulnerability (USN-5134-1)
2021-11-09 00:00:00
Siemens SCALANCE LPE9403 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-41092)
2024-01-15 00:00:00
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2022-017)
2022-05-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5134-1)
2021-11-10 00:00:00
Huawei EulerOS: Security Advisory for docker (EulerOS-SA-2022-2265)
2022-08-18 00:00:00
Mageia: Security Advisory (MGASA-2021-0500)
2022-01-28 00:00:00
ibm
ibm
cve
cve
CVE-2021-41092
2021-10-04 20:15:07
nvd
nvd
CVE-2021-41092
2021-10-04 20:15:07
redhatcve
redhatcve
CVE-2021-41092
2021-11-15 18:44:48
ubuntu
ubuntu
Docker vulnerability
2021-11-09 00:00:00
ubuntucve
ubuntucve
CVE-2021-41092
2021-10-04 00:00:00
mageia
mageia
Updated docker packages fix security vulnerabilities
2021-10-31 14:12:48
amazon
amazon
Medium: docker
2021-09-30 19:22:00
fedora
fedora
[SECURITY] Fedora 35 Update: moby-engine-20.10.9-1.fc35
2021-10-29 23:24:02
[SECURITY] Fedora 35 Update: containerd-1.5.7-1.fc35
2021-10-29 23:24:01
[SECURITY] Fedora 34 Update: containerd-1.5.7-1.fc34
2021-10-19 00:37:23
suse
suse
Security update for containerd, docker (moderate)
2022-02-04 00:00:00
Security update for containerd, docker, runc (important)
2021-10-25 00:00:00
Security update for containerd, docker, runc (important)
2021-10-31 00:00:00
ics
ics
Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
2022-06-16 12:00:00