blob: 2dd88050eeae21661ae2cea37803a06c16ae1a3a [file] [log] [blame]
packages:
- module: k8s.io/kubernetes
package: k8s.io/kubernetes/pkg/credentialprovider
symbols:
- readDockerConfigFileFromBytes
- readDockerConfigJSONFileFromBytes
versions:
- fixed: 1.20.0-alpha.1
description: |
Attempting to read a malformed .dockercfg may cause secrets to be
inappropriately logged.
published: 2021-04-14T20:04:52Z
cves:
- CVE-2020-8564
credit: '@sfowl'
links:
pr: https://github.com/kubernetes/kubernetes/pull/94712
commit: https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634
context:
- https://github.com/kubernetes/kubernetes/issues/95622