EUVD-2023-53842

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-41092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login...

Authentication Bypass

gitea is vulnerable to Authentication Bypass. The vulnerability is caused when docker login uses basic authentication, which allows an attacker to bypass 2FA authentication...

CVE-2023-49947

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

CVE-2023-49947

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

CVE-2023-49947

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

Authentication flaw

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

Forgejo Security Breach

Forgejo is a lightweight git service. A security vulnerability exists in versions prior to Forgejo 1.20.5-1 that stems from allowing two-factor authentication bypass when docker login is used with basic authentication...

PT-2023-31418 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Forgejo versions prior to 1.20.5-1 Description: The issue allows for 2FA bypass when docker login uses Basic Authentication. Recommendations: For versions prior to 1.20.5-1, update to version 1.20.5-1 or later to resolve the issue...

CVE-2023-49947

CVE-2023-49947 concerns Forgejo prior to 1.20.5-1, where using docker login with Basic Authentication enables a 2FA bypass. The core issue is a bypass of two-factor authentication when Basic Auth is used during Docker login. The CVE is reflected in multiple sources (NVD, Red Hat advisories, CVE l...

Incorrect Authorization

Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication...

Docker Desktop < 2.1.0.1 Privilege Escalation

The version of Docker Desktop for Windows is prior to 2.1.0.1. Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting f...

Ubuntu: Security Advisory (USN-5134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5134-1 docker.io vulnerability

An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry...

PT-2021-7301 · Docker +5 · Docker Cli +5

Name of the Vulnerable Software and Affected Versions: Docker CLI versions prior to 20.10.9 Description: A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json listing a credsStore or...

CVE-2019-15752

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restar...