Anchore Enterprise anchorectl version 0.1.4 improperly stored credentials when generating a Software Bill of Materials. anchorectl will add the credentials used to access Anchore Enterprise API in the Software Bill of Materials (SBOM) generated by anchorectl. Users of anchorectl version 0.1.4 should upgrade to anchorectl version 0.1.5 to resolve this issue.
                
            Metrics
Affected Vendors & Products
References
        | Link | Providers | 
|---|---|
| https://docs.anchore.com/current/docs/releasenotes/401/ |     | 
History
                    No history.
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: certcc
Published: 2022-07-20T16:10:10.790146Z
Updated: 2024-09-16T20:36:35.624Z
Reserved: 2022-05-17T00:00:00
Link: CVE-2022-1766
 Vulnrichment
                        Vulnrichment
                    No data.
 NVD
                        NVD
                    Status : Modified
Published: 2022-07-20T16:15:08.847
Modified: 2024-11-21T06:41:25.280
Link: CVE-2022-1766
 Redhat
                        Redhat
                    No data.
 ReportizFlow
ReportizFlow