Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
containerd v1.2.x can be coerced into leaking credentials during image pull Moderate
CVE-2020-15157 was published for github.com/containerd/containerd (Go) Feb 11, 2022
bgeesaman joshlarsen
IanColdwater mauilion raesene
scs-library-client may leak user credentials to third-party service via HTTP redirect Moderate
CVE-2022-23538 was published for github.com/sylabs/scs-library-client (Go) Jan 20, 2023
containers/image library Insufficiently Protects Credentials Moderate
CVE-2019-10214 was published for github.com/containers/image (Go) Feb 15, 2022
Trivy possibly leaks registry credential when scanning images from malicious registries Moderate
CVE-2024-35192 was published for github.com/aquasecurity/trivy (Go) May 20, 2024
lyoung-confluent
Docker CLI leaks private registry credentials to registry-1.docker.io Moderate
CVE-2021-41092 was published for github.com/docker/cli (Go) Jun 10, 2024
Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins Moderate
CVE-2022-31130 was published for github.com/grafana/grafana (Go) May 14, 2024
joaxcar
ProTip! Advisories are also available from the GraphQL API