漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
CVSS Information
N/A
Vulnerability Type
敏感数据的不恰当跨边界移除
Vulnerability Title
Docker 信息泄露漏洞
Vulnerability Description
Docker是美国Docker公司的一款开源的应用容器引擎。该产品支持在Linux系统上创建一个容器(轻量级虚拟机)并部署和运行应用程序,以及通过配置文件实现应用程序的自动化安装、部署和升级。 Docker存在安全漏洞。该漏洞源于当通过Varlink或兼容docker的REST API启动时,容器之间的环境变量会泄漏。
CVSS Information
N/A
Vulnerability Type
N/A