22 matches found
K25551452: Alpine Linux Docker image vulnerability CVE-2019-5021
Security Advisory Description Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected...
SUSE CVE-2019-5021
Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux...
SUSE: Security Advisory (SUSE-SU-2021:4011-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : sles12sp2-docker-image (SUSE-SU-2021:4011-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:4011-1 advisory. - Invalidate the root password was empty before bsc1134524 CVE-2019-5021 Note that SUSE does not recommend use of this image anymore, please use newer...
SUSE-SU-2021:4011-1 Security update for sles12sp2-docker-image
This update for sles12sp2-docker-image fixes the following issues: - Invalidate the root password was empty before bsc1134524 CVE-2019-5021 Note that SUSE does not recommend use of this image anymore, please use newer versions from the registry...
SUSE: Security Advisory (SUSE-SU-2019:1368-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1368-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-5021. Reason: This candidate is a reservation duplicate of CVE-2019-5021. Notes: All CVE users should reference CVE-2019-5021 instead of this candidate. All references and descriptions in this candidate have been removed to...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-5021. Reason: This candidate is a reservation duplicate of CVE-2019-5021. Notes: All CVE users should reference CVE-2019-5021 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2020-35194
CVE-2020-35194 is a reservation duplicate of CVE-2019-5021. Connected docs show that CVE-2019-5021 affects Alpine Linux Docker images since v3.3, introducing a NULL root password due to a regression (Dec 2015). Impact: remote authentication bypass on affected containers. Remediation: upgrade to n...
CVE-2020-35188
CVE-2020-35188 is a reservation duplicate of CVE-2019-5021 and is not an active entry; connected docs confirm CVE-2019-5021 affects Alpine Linux Docker images (since v3.3) with a NULL root password due to a regression around December 2015. The impact is remote access risk if PAM/shadow-based auth...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-5021. Reason: This candidate is a reservation duplicate of CVE-2019-5021. Notes: All CVE users should reference CVE-2019-5021 instead of this candidate. All references and descriptions in this candidate have been removed to...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-5021. Reason: This candidate is a reservation duplicate of CVE-2019-5021. Notes: All CVE users should reference CVE-2019-5021 instead of this candidate. All references and descriptions in this candidate have been removed to...
SUSE-SU-2019:1368-2 Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one bsc1134524...
Alpine Docker Image Vulnerability (CVE-2019-5021): How to Detect and Fix
A vulnerability affecting the official Alpine Docker images version =3.3 contains a null password for the root user. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container that utilize Linux PAM, or some other mechanism that uses the system shadow...
openSUSE Security Update : system-user-root (openSUSE-2019-1495)
This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues : - CVE-2019-5021: Include an invalidated root password by default, not an empty one bsc1134524 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc...
openSUSE: Security Advisory for Recommended (openSUSE-SU-2019:1495-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:1495-1 Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one bsc1134524 This update was imported from the SUSE:SLE-15:Update update project...
SUSE-SU-2019:1368-1 Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root
This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one bsc1134524...
CVE-2019-5021
creationtimestamp| type| source ---|---|--- 2019-05-15 12:52:15+00:00| seen| https://t.me/canyoupwnme/5525 2019-05-21 14:10:37+00:00| seen| https://t.me/BleepingComputer/5085 2020-12-22 08:12:31+00:00| published-proof-of-concept| https://t.me/k8security/171...