blob: d31c7d8e35d8416290417845de68248ac4a09e09 [file] [log] [blame]
module = "k8s.io/kubernetes"
package = "k8s.io/kubernetes/pkg/credentialprovider"
description = """
Attempting to read a malformed .dockercfg may cause secrets to be
inappropriately logged.
"""
cve = "CVE-2020-8564"
credit = "@sfowl"
symbols = ["readDockerConfigFileFromBytes", "readDockerConfigJSONFileFromBytes"]
[[versions]]
fixed = "v1.20.0-alpha.1"
[links]
commit = "https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634"
pr = "https://github.com/kubernetes/kubernetes/pull/94712"
context = ["https://github.com/kubernetes/kubernetes/issues/95622"]
# This is a really confusing one to classify becuase of how kubernetes
# does their vendoring stuff.