Siemens SCALANCE LPE9403 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-41092)

A vulnerability was found in the Docker CLI where running 'docker login my-private-registry.example.com' with a misconfigured configuration file typically /.docker/config.json listing a credsStore or credHelpers that could not be executed would result in any provided credentials being sent to...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2022-2311)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2022-2218)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2022-017)

The version of docker installed on the remote host is prior to 20.10.7-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2022-017 advisory. A file permissions vulnerability was found in Moby Docker Engine. Copying files by using docker cp into a...

Ubuntu 18.04 LTS / 20.04 LTS : Docker vulnerability (USN-5134-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5134-1 advisory. An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied...

Information Disclosure

github.com/docker/cli is vulnerable to information disclosure. The vulnerability exists due to a misconfigured configuration file which when listing a credsStore or credHelpers that could not be executed would list credentials being sent to registry-1.docker.io rather than the intended private...

Path traversal

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json listing a credsStore or credHelpers that could not be...

Amazon Linux AMI : docker (ALAS-2021-1537)

The version of docker installed on the remote host is prior to 20.10.7-3.71. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1537 advisory. A bug was found in Moby Docker Engine where attempting to copy files using docker cp into a specially- crafted containe...