reports/GO-2021-0066.yaml - vulndb - Git at Google

 module: k8s.io/kubernetes
 package: k8s.io/kubernetes/pkg/credentialprovider
 versions:
   - fixed: v1.20.0-alpha.1
 description: |
   Attempting to read a malformed .dockercfg may cause secrets to be
   inappropriately logged.
 cves:
   - CVE-2020-8564
 credit: "@sfowl"
 symbols:
   - readDockerConfigFileFromBytes
   - readDockerConfigJSONFileFromBytes
 links:
   pr: https://github.com/kubernetes/kubernetes/pull/94712
   commit: https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634
   context:
     - https://github.com/kubernetes/kubernetes/issues/95622
	module: k8s.io/kubernetes
	package: k8s.io/kubernetes/pkg/credentialprovider
	versions:
	- fixed: v1.20.0-alpha.1
	description: \|
	Attempting to read a malformed .dockercfg may cause secrets to be
	inappropriately logged.
	cves:
	- CVE-2020-8564
	credit: "@sfowl"
	symbols:
	- readDockerConfigFileFromBytes
	- readDockerConfigJSONFileFromBytes
	links:
	pr: https://github.com/kubernetes/kubernetes/pull/94712
	commit: https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634
	context:
	- https://github.com/kubernetes/kubernetes/issues/95622