Oval Definition:oval:org.opensuse.security:def:20208564
Revision Date:2022-05-22Version:1
Title:CVE-2020-8564
Description:

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, < v1.17.13.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-8564
SUSE CVE-2020-8564
SUSE-CU-2020:822-1
SUSE-CU-2020:825-1
SUSE-CU-2020:831-1
SUSE-CU-2020:832-1
SUSE-CU-2020:833-1
SUSE-CU-2020:834-1
SUSE-CU-2020:837-1
SUSE-CU-2020:848-1
SUSE-CU-2020:849-1
SUSE-CU-2020:850-1
SUSE-CU-2020:851-1
SUSE-CU-2020:852-1
SUSE-SU-2020:3761-1
Platform(s):SUSE CaaS Platform 4.0
SUSE CaaS Platform 4.5
Product(s):
Definition Synopsis
  • SUSE CaaS Platform 4.5 is installed
  • AND Package Information
  • caasp-release-4.5.2-1.8.2 is installed
  • OR cri-o-1.18-1.18.4-4.3.2 is installed
  • OR cri-o-1.18-kubeadm-criconfig-1.18.4-4.3.2 is installed
  • OR etcdctl-3.4.13-3.3.1 is installed
  • OR helm2-2.16.12-3.3.1 is installed
  • OR helm3-3.3.3-3.8.1 is installed
  • OR kubernetes-1.18-kubeadm-1.18.10-4.3.1 is installed
  • OR kubernetes-1.18-kubelet-1.18.10-4.3.1 is installed
  • OR patterns-caasp-Management-4.5-3.3.1 is installed
  • OR skuba-2.1.11-3.10.1 is installed
  • OR skuba-update-2.1.11-3.10.1 is installed
  • OR velero-1.4.2-3.3.1 is installed
    • Definition Synopsis
  • SUSE CaaS Platform 4.0 is installed
  • AND Package Information
  • kubernetes-client is affected
  • OR kubernetes-common is affected
  • OR kubernetes-kubeadm is affected
  • OR kubernetes-kubelet is affected
    • BACK