22 matches found
CVE-2018-1999033
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...
GHSA-F2J5-W76M-3RQH Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control API responses by Anchore engine...
Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control API responses by Anchore engine...
CVE-2022-41225
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control API responses by Anchore engine...
CVE-2022-41225
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control API responses by Anchore engine...
CVE-2022-41225
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control API responses by Anchore engine...
CVE-2022-41225
The CVE-2022-41225 issue affects Jenkins’ Anchore Container Image Scanner Plugin, specifically version 1.0.24 and earlier. The root cause is that the plugin does not escape content returned by the Anchore engine API, which leads to a stored cross-site scripting (XSS) vulnerability. The impact is ...
Exposure of sensitive information in Anchore Container Image Scanner Jenkins Plugin
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...
GHSA-W9V7-7MQ5-P27C Exposure of sensitive information in Anchore Container Image Scanner Jenkins Plugin
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...
Moderate: sane-backends security update
Scanner Access Now Easy SANE is a universal scanner interface. The SANE application programming interface API provides standardized access to any raster image scanner hardware for example, flatbed scanners, hand-held scanners, video and still cameras, and frame-grabbers. Security Fixes:...
CVE-2019-16542
Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-16542
The vulnerability CVE-2019-16542 affects the Jenkins Anchore Container Image Scanner Plugin (versions ≤ 1.0.19). The underlying issue is that credentials (service password for Anchore.io) are stored in plain text in job config.xml on the Jenkins master, making them readable by users with Extended...
CVE-2019-16542
Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CloudBees Jenkins Anchore Container Image Scanner Plugin Information Disclosure Vulnerability
CloudBees Jenkins is a set of Java-based continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Anchore Container Image Scanner Plugin is used in which a container inspection and...
CVE-2018-1999033
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...
CVE-2018-1999033
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...
CVE-2018-1999033
The CVE-2018-1999033 entry concerns Jenkins Anchore Container Image Scanner Plugin (
CVE-2018-1999033
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...
[SECURITY] Fedora 26 Update: sane-backends-1.0.25-7.fc26
Scanner Access Now Easy SANE is a universal scanner interface. The SANE application programming interface API provides standardized access to any raster image scanner hardware flatbed scanner, hand-held scanner, video and still cameras, frame-grabbers, etc...
Debian DSA-3399-1 : libpng - security update
Several vulnerabilities have been discovered in the libpng PNG library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-7981 Qixue Xiao discovered an out-of-bounds read vulnerability in the pngconverttorfc1123 function. A remote attacker can...