Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins anchore container image scanner vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-16542
Jenkins Anchore Container Image Scanner Plugin 1.0.19 and previous versions stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
Jenkins Anchore Container Image Scanner
NA
CVE-2022-41225
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and previous versions does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control API responses by Anchore engine.
Jenkins Anchore Container Image Scanner
4
CVSSv2
CVE-2018-1999033
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and previous versions in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the passwor...
Anchore Container Image Scanner
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started