Security Advisory

CVE-2019-10214

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-25 10:41:15

Last updated 2024-08-04 22:17:18

Assigner redhat

State PUBLISHED

Description

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.

← Browse all CVEs View on cve.org ↗