35 matches found
GHSA-CVXM-645Q-P574 vulnerabilities
Vulnerabilities for packages: kaniko, trivy, docker-fips, cloudbeat-fips, grype-db, neuvector-scanner-fips, chainctl, spegel-fips, grype, docker-cli-buildx, neuvector-scanner, k9s, livekit-cli, zarf-fips, grype-fips, cloudbeat, manifest-tool, kube-mgmt, kubescape-server, packer-fips, syft,...
CVE-2026-53489 vulnerabilities
Vulnerabilities for packages: kaniko, trivy, docker-fips, cloudbeat-fips, grype-db, neuvector-scanner-fips, chainctl, spegel-fips, grype, docker-cli-buildx, neuvector-scanner, k9s, livekit-cli, zarf-fips, grype-fips, cloudbeat, manifest-tool, kube-mgmt, kubescape-server, packer-fips, syft,...
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: trivy, kgateway, newrelic-infrastructure-agent, helm-operator-fips, spegel-fips, grype, chaos-mesh-fips, k9s, grype-fips, skaffold-fips, helm-operator, kube-arangodb, scorecard, kots, trivy-fips, newrelic-infrastructure-agent-fips, docker-compose-fips,...
GHSA-JPCC-P29G-P8MQ vulnerabilities
Vulnerabilities for packages: trivy, kgateway, newrelic-infrastructure-agent, helm-operator-fips, spegel-fips, grype, chaos-mesh-fips, k9s, grype-fips, skaffold-fips, helm-operator, kube-arangodb, scorecard, kots, trivy-fips, newrelic-infrastructure-agent-fips, docker-compose-fips,...
CVE-2025-8077 vulnerabilities
Vulnerabilities for packages: neuvector-scanner-fips, neuvector-scanner...
GHSA-8PXW-9C75-6W56 vulnerabilities
Vulnerabilities for packages: neuvector-scanner-fips, neuvector-scanner...
CVE-2025-8077 vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
GHSA-8PXW-9C75-6W56 vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: helm, secrets-store-csi-driver, filebrowser, emissary, lvm-driver, wave, bento, tetragon, kyverno, spire-server, aws-flb-firehose, kubernetes-csi-driver-nfs, cluster-api-provider-vsphere, envoy-gateway, istio, trivy-operator, datadog-agent, vault-benchmark,...
CVE-2025-67860
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860
NeuVector scanner (CVE-2025-67860) is affected: the scanner process accepts registry and controller credentials via command-line arguments, potentially exposing sensitive credentials to local users. Root cause: credentials handled in command-line context. Impact: limited confidentiality risk (Low...
SUSE CVE-2025-67860
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
Insufficiently Protected Credentials
Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via handling passwords as command arguments. An attacker can obtain sensitive information by accessing process arguments through system interfaces. Remediation Upgrade github.com/neuvector/scanner to...
GO-2026-4490 NeuVector scanner insecurely handles passwords as command arguments in github.com/neuvector/scanner
NeuVector scanner insecurely handles passwords as command arguments in github.com/neuvector/scanner. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
NeuVector scanner insecurely handles passwords as command arguments
Impact A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users. This may allow unauthorized access to registries or the NeuVector...
GHSA-3C9M-GQ32-G4JX NeuVector scanner insecurely handles passwords as command arguments
Impact A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users. This may allow unauthorized access to registries or the NeuVector...
PT-2026-7954
Name of the Vulnerable Software and Affected Versions NeuVector versions prior to 4.072 Description The NeuVector scanner insecurely handles passwords as command arguments. The scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive...