CVE-2020-8566: Inclusion of Sensitive Information in Log Files
(updated )
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager’s logs during provisioning of Ceph RBD persistent claims.
References
Detect and mitigate CVE-2020-8566 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →