27 matches found
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: neuvector-scanner, nginx-prometheus-exporter, prometheus-pushgateway, grafana-pyroscope, yunikorn-k8shim, dkron, flux-helm-controller, docker-cli, migrate, snyk-cli, step-issuer, gatekeeper, gh, kaf, tofu-controller, terraform, ingress-nginx-controller,...
CVE-2025-67860
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
CVE-2025-67860
NeuVector scanner (CVE-2025-67860) is affected: the scanner process accepts registry and controller credentials via command-line arguments, potentially exposing sensitive credentials to local users. Root cause: credentials handled in command-line context. Impact: limited confidentiality risk (Low...
SUSE CVE-2025-67860
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
Insufficiently Protected Credentials
Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via handling passwords as command arguments. An attacker can obtain sensitive information by accessing process arguments through system interfaces. Remediation Upgrade github.com/neuvector/scanner to...
GO-2026-4490 NeuVector scanner insecurely handles passwords as command arguments in github.com/neuvector/scanner
NeuVector scanner insecurely handles passwords as command arguments in github.com/neuvector/scanner. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
GHSA-3C9M-GQ32-G4JX NeuVector scanner insecurely handles passwords as command arguments
Impact A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users. This may allow unauthorized access to registries or the NeuVector...
NeuVector scanner insecurely handles passwords as command arguments
Impact A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users. This may allow unauthorized access to registries or the NeuVector...
PT-2026-7954
Name of the Vulnerable Software and Affected Versions NeuVector versions prior to 4.072 Description The NeuVector scanner insecurely handles passwords as command arguments. The scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive...
CVE-2023-49673
A cross-site request forgery CSRF vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password...
GHSA-C8G6-QRWH-M3VP vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
GHSA-H773-7GF7-9M2X vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
CVE-2025-54471 vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
CVE-2025-54469 vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
GHSA-C8G6-QRWH-M3VP vulnerabilities
Vulnerabilities for packages: neuvector-scanner, neuvector-scanner-fips...
CVE-2025-54471 vulnerabilities
Vulnerabilities for packages: neuvector-scanner, neuvector-scanner-fips...
CVE-2025-54469 vulnerabilities
Vulnerabilities for packages: neuvector-scanner, neuvector-scanner-fips...