​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-6h42-qg2h-m7r9

Published

Last updated

https://images.chainguard.dev/security/CGA-6h42-qg2h-m7r9
Package

kubeflow-pipelines

Latest Update
Fixed
Fixed Version

2.2.0-r3

Aliases
  • CVE-2020-8565
  • GHSA-8cfg-vx93-jvxw

Severity

4.7

Medium

CVSS V3

Summary

Kubernetes client-go vulnerable to Sensitive Information Leak via Log File

Description

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.5, <= v1.18.13, <= v1.17.15, < v1.20.0-alpha2.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images