Lucene search
Veracode Vulnerability DatabaseVERACODE:29195HistoryFeb 01, 2021 - 7:05 a.m.
Information Disclosure
2021-02-0107:05:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
49.6%
github.com/moby/buildkit is vulnerable to information disclosure. The os.OpenFile in util/binfmt_misc/check.go uses an unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call, resulting in the creation of unnecessary file that can contain confidential information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/moby/buildkit | le | v0.7.2 | |
| github.com/moby/moby | le | v19.03.8 | |
| github.com/moby/buildkit | le | v0.7.2 | |
| github.com/moby/moby | le | v19.03.8 |
Related
cve
cve
CVE-2020-27534
2020-12-30 23:15:15
cbl_mariner
cbl_mariner
CVE-2020-27534 affecting package moby-buildx 0.4.1-3
2021-07-08 21:56:42
cvelist
cvelist
CVE-2020-27534
2020-12-30 22:28:10
prion
prion
Design/Logic Flaw
2020-12-30 23:15:00
github
github
Path Traversal in Moby builder
2024-01-31 23:13:10
osv
osv
CVE-2020-27534
2020-12-30 23:15:00
Path Traversal in Moby builder
2024-01-31 23:13:10
nvd
nvd
CVE-2020-27534
2020-12-30 23:15:15
redhatcve
redhatcve
CVE-2020-27534
2021-01-27 15:57:10
ubuntucve
ubuntucve
CVE-2020-27534
2020-12-30 00:00:00
openvas
openvas
Docker < 19.03.9 Irrelevant Temp File Creation - Windows
2021-09-08 00:00:00
debiancve
debiancve
CVE-2020-27534
2020-12-30 23:15:15
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0045
2023-07-05 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0041
2023-06-29 00:00:00