CNNVD-202506-2128 Information
CNNVD ID
CNNVD-202506-2128
Related CVE
- CNNVD Published: 2025-06-17
Description (Chinese)
Portainer是Portainer开源的一款用于管理Docker环境和Docker主机的轻量级用户管理界面。 Portainer Community Edition 2.31.0之前版本和2.27.7之前版本存在信息泄露漏洞,该漏洞源于注册恶意容器注册表可能导致HTTP标头泄露。
Description (English)
Portainer is a lightweight user management interface for the Docker environment and Docker mainframe. There is an information leakage loophole in previous versions of Portainer Commission 2.31.0 and in previous versions of 2.2.7, which stems from the fact that the registration form for a malicious container may result in the release of HTTP markers.
Hazard Level
High
Vulnerability Type
信息泄露
Affected Vendor
Portainer
Published
2025-06-17
Last Modified
2026-02-24
References
https://github.com/portainer/portainer/commit/b767dcb27ed253b423facd2e04ef971985950fd3 https://github.com/portainer/portainer/commit/384cb53c64af78af8e1ac7ef5b0f91bad530e989 https://github.com/portainer/portainer/security/advisories/GHSA-h5jw-8c32-xfv6 https://nvd.nist.gov/vuln/detail/CVE-2025-49593
Patch
https://github.com/portainer/portainer/releases
Share on: