CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24579 – Tar path traversal in stereoscope when processing OCI tar archives
https://notcve.org/view.php?id=CVE-2024-24579
31 Jan 2024 — stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive temporary directory. Specifically, use of `github.com/anchore/stereoscope/pkg/file.UntarToDirectory()` function, the `github.com/anchore/stereoscope/pkg/image/oci.TarballImageProvider` struct, or the higher level `github.com/anchore/... • https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24827 – Credential disclosure in syft when SYFT_ATTEST_PASSWORD environment variable set in syft
https://notcve.org/view.php?id=CVE-2023-24827
07 Feb 2023 — syft is a a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. A password disclosure flaw was found in Syft versions v0.69.0 and v0.69.1. This flaw leaks the password stored in the SYFT_ATTEST_PASSWORD environment variable. The `SYFT_ATTEST_PASSWORD` environment variable is for the `syft attest` command to generate attested SBOMs for the given container image. This environment variable is used to decrypt the private key (provided with `syft atte... • https://github.com/anchore/syft/commit/9995950c70e849f9921919faffbfcf46401f71f3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-1766
https://notcve.org/view.php?id=CVE-2022-1766
20 Jul 2022 — Anchore Enterprise anchorectl version 0.1.4 improperly stored credentials when generating a Software Bill of Materials. anchorectl will add the credentials used to access Anchore Enterprise API in the Software Bill of Materials (SBOM) generated by anchorectl. Users of anchorectl version 0.1.4 should upgrade to anchorectl version 0.1.5 to resolve this issue. Anchorectl versión 0.1.4, almacena inapropiadamente las credenciales cuando genera una lista de materiales de software. anchorectl añadirá las credencia... • https://docs.anchore.com/current/docs/releasenotes/401 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.9EPSS: 1%CPEs: 1EXPL: 0CVE-2020-11075 – Shell Escape in Anchore Engine
https://notcve.org/view.php?id=CVE-2020-11075
27 May 2020 — In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an authenticated user via a valid API request to anchore engine, or if an already added image that anchore is monitoring has its manifest altered to exploit the same flaw. A successful attack can be used to execute commands that run in the... • https://github.com/anchore/anchore-engine/commit/e41786901f097fd32104447a45864073105d37db • CWE-114: Process Control •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1999033
https://notcve.org/view.php?id=CVE-2018-1999033
01 Aug 2018 — An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's configuration. Existe una vulnerabilidad de exposición de información sensible en el plugin Anchore Container Image Scanner en Jenkins en versiones 10.16 y anteriores en AnchoreBuilder.java que permite que los atacan... • https://jenkins.io/security/advisory/2018-07-30/#SECURITY-1039 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •