CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2025/05/22 6:57 a.m.•8 views

CVE-2018-1999033

An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...

6.5CVSS6.2AI score0.00259EPSS

Exploits0References1

OSV•added 2022/09/22 12:0 a.m.•18 views

GHSA-F2J5-W76M-3RQH Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting

Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control API responses by Anchore engine...

8CVSS5.4AI score0.20595EPSS

Exploits0References4

OSV•added 2022/09/21 4:15 p.m.•10 views

CVE-2022-41225

5.4CVSS5.3AI score

Exploits0References1

NVD•added 2022/09/21 4:15 p.m.•15 views

CVE-2022-41225

5.4CVSS0.20595EPSS

Exploits0References1

Cvelist•added 2022/09/21 3:45 p.m.•18 views

CVE-2022-41225

5.7AI score0.20595EPSS

Exploits0References1

CVE•added 2022/09/21 3:45 p.m.•303 views

CVE-2022-41225

The CVE-2022-41225 issue affects Jenkins’ Anchore Container Image Scanner Plugin, specifically version 1.0.24 and earlier. The root cause is that the plugin does not escape content returned by the Anchore engine API, which leads to a stored cross-site scripting (XSS) vulnerability. The impact is ...

5.4CVSS5.2AI score0.20595EPSS

Exploits0References1Affected Software1

Github Security Blog•added 2022/05/13 1:30 a.m.•16 views

Exposure of sensitive information in Anchore Container Image Scanner Jenkins Plugin

6.5CVSS2.8AI score0.00259EPSS

Exploits0References3Affected Software1

OSV•added 2022/05/13 1:30 a.m.•20 views

GHSA-W9V7-7MQ5-P27C Exposure of sensitive information in Anchore Container Image Scanner Jenkins Plugin

6.5CVSS6.3AI score0.00259EPSS

Exploits0References3

NVD•added 2019/11/21 3:15 p.m.•8 views

CVE-2019-16542

Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.5AI score0.00047EPSS

Exploits0References2

CVE•added 2019/11/21 2:11 p.m.•63 views

CVE-2019-16542

The vulnerability CVE-2019-16542 affects the Jenkins Anchore Container Image Scanner Plugin (versions ≤ 1.0.19). The underlying issue is that credentials (service password for Anchore.io) are stored in plain text in job config.xml on the Jenkins master, making them readable by users with Extended...

6.5CVSS6.4AI score0.00047EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/11/21 2:11 p.m.•15 views

CVE-2019-16542

6.4AI score0.00047EPSS

Exploits0References2

CNVD•added 2018/08/08 12:0 a.m.•3 views

CloudBees Jenkins Anchore Container Image Scanner Plugin Information Disclosure Vulnerability

CloudBees Jenkins is a set of Java-based continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Anchore Container Image Scanner Plugin is used in which a container inspection and...

6.5CVSS6.2AI score0.00259EPSS

Exploits0References1

OSV•added 2018/08/01 1:29 p.m.•8 views

CVE-2018-1999033

6.5CVSS6.2AI score

Exploits0References1

Cvelist•added 2018/08/01 1:0 p.m.•15 views

CVE-2018-1999033

6.3AI score0.00259EPSS

Exploits0References1

CVE•added 2018/08/01 1:0 p.m.•60 views

CVE-2018-1999033