blob: ef5f9657ac406b46853dca6dc2c15254af547c49 [file] [log] [blame]
module = "k8s.io/kubernetes"
package = "k8s.io/kubernetes/pkg/credentialprovider"
description = """
Attempting to read a malformed .dockercfg may cause secrets to be
inappropriately logged.
"""
cve = "CVE-2020-8564"
credit = "@sfowl"
symbols = ["readDockerConfigFileFromBytes", "readDockerConfigJSONFileFromBytes"]
published = "2021-04-14T12:00:00Z"
[[versions]]
fixed = "v1.20.0-alpha.1"
[links]
commit = "https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634"
pr = "https://github.com/kubernetes/kubernetes/pull/94712"
context = ["https://github.com/kubernetes/kubernetes/issues/95622"]
# This is a really confusing one to classify becuase of how kubernetes
# does their vendoring stuff.