Docker Hub hacked, how is Cloudron affected?
-
During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.
Can you adress this?
-
Our DockerHub account is not linked to any Github or Bitbucket account, so there is no issue on that front.
For the other case where someone might have gotten access to our DockerHub account, our app manifests specify the docker image id, instead of repo name and tag name.
-
That's good news. I suspected nothing was compromised with Cloudron but it's good to have it stated.
