CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

CVE-2025-65965 Grype has a credential disclosure vulnerability in Grype JSON output

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

PT-2025-48043

Name of the Vulnerable Software and Affected Versions Grype versions 0.68.0 through 0.104.0 Description Grype, a vulnerability scanner for container images and filesystems, contains a flaw where registry credentials can be improperly included in the output of a scan. This occurs when registry...

CVE-2025-64115

Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly for redirects in multiple settings endpoints, allowing a crafted link to cause an open redirect to an attacker-controlled site and...