CVE-2020-29601

Name of the Vulnerable Software and Affected Versions Notary Docker images versions prior to signer-0.6.1-1

Description The issue concerns a blank password for a root user in the official Notary Docker images. This could allow a remote attacker to gain root access to systems using the Notary Docker container deployed by affected versions of the Docker image.

Recommendations For versions prior to signer-0.6.1-1, update to version signer-0.6.1-1 or later to resolve the issue. As a temporary workaround, consider changing the root password in the Notary Docker container to prevent unauthorized access. Restrict access to the container to minimize the risk of exploitation.