RSS   Vulnerabilities for 'Command line interface'   RSS

2021-10-04
 
CVE-2021-41092

CWE-200
 

 
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.

 

 >>> Vendor: Docker 23 Products
Docker
Docker-py
Libcontainer
Docker registry
Credential helpers
Cs engine
Engine
Docker desktop
Notary docker image
Regisry
Registry
Composer
Adminer
Haproxy
Rabbitmq
Memcached
DOCS
Ghost alpine docker image
Haproxy docker image
Rabbitmq docker image
Memcached docker image
Desktop
Command line interface


Copyright 2022, cxsecurity.com

 

Back to Top