VYPR

anchorectl

by Anchore

CVEs (2)

  • CVE-2022-1766Jul 20, 2022
    risk 0.00cvss epss 0.01

    Anchore Enterprise anchorectl version 0.1.4 improperly stored credentials when generating a Software Bill of Materials. anchorectl will add the credentials used to access Anchore Enterprise API in the Software Bill of Materials (SBOM) generated by anchorectl. Users of anchorectl…

  • CVE-2020-11075May 27, 2020
    risk 0.00cvss epss 0.02

    In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an…