Vulnerabilities > Anchore

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-31	CVE-2024-24579	Path Traversal vulnerability in Anchore Stereoscope stereoscope is a go library for processing container images and simulating a squash filesystem. network low complexity anchore CWE-22 critical	9.8
2023-02-07	CVE-2023-24827	Information Exposure Through Log Files vulnerability in Anchore Syft 0.69.0/0.69.1 syft is a a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. network low complexity anchore CWE-532	7.5
2020-05-27	CVE-2020-11075	Unspecified vulnerability in Anchore Engine 0.7.0 In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. network low complexity anchore	6.5
2018-08-01	CVE-2018-1999033	Information Exposure vulnerability in Anchore Container Image Scanner An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's configuration. network low complexity anchore CWE-200	4.0

Vulnerabilities > Anchore {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Anchore"}]}