kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4

🗓️ 27 Oct 2020 14:53:57Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 1 Views

Kubernetes leaks docker config secrets when a malformed file is used and log level is at least four.

Reporter	Title	Published	Views	Family All 67
IBM Security Bulletins	Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8566, CVE-2020-8565, CVE-2020-8563, CVE-2020-8564)	26 Feb 202115:42	–	ibm
IBM Security Bulletins	Security Bulletin: IBM CICS TX Standard is vulnerable to multiple vulnerabilities in Golang Go.	14 Feb 202321:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in Golang Go.	14 Feb 202321:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.	1 Sep 202514:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data	29 Jun 202217:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.	18 Aug 202504:31	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in the Python, Docker, and ICP affect IBM Spectrum Discover	13 May 202116:56	–	ibm
Chainguard	CVE-2020-8564 vulnerabilities	7 Dec 202022:15	–	cgr
Circl	CVE-2020-8564	19 Oct 202007:56	–	circl
CNVD	Kubernetes Log Information Disclosure Vulnerability (CNVD-2020-65160)	6 Nov 202000:00	–	cnvd

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	7	x86_64	openshift-clients	0:4.6.0-202010081244.p0.git.3794.4743d24.el7	openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64.rpm
Red Hat Enterprise Linux	8	ppc64le	openshift-clients	0:4.6.0-202010081244.p0.git.3794.4743d24.el8	openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le.rpm
Red Hat Enterprise Linux	8	s390x	openshift-clients	0:4.6.0-202010081244.p0.git.3794.4743d24.el8	openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x.rpm
Red Hat Enterprise Linux	8	x86_64	openshift-clients	0:4.6.0-202010081244.p0.git.3794.4743d24.el8	openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	openshift-clients-redistributable	0:4.6.0-202010081244.p0.git.3794.4743d24.el7	openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64.rpm
Red Hat Enterprise Linux	8	x86_64	openshift-clients-redistributable	0:4.6.0-202010081244.p0.git.3794.4743d24.el8	openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2020-8564
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/kubernetes/kubernetes/issues/95622
groups	www.groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-8564
cve	www.cve.org/CVERecord

02 Jun 2026 17:25Current

7.3High risk

Vulners AI Score7.3

CVSS 22.1

CVSS 3.14.7 - 5.5

EPSS0.00042

kubernetes docker config secrets malformed file log level four kubectl registry credentials