CNNVD-202509-2789 Information
Sep 17, 2025
cve
CNNVD ID
CNNVD-202509-2789
Related CVE
- CNNVD Published: 2025-09-17
Description (Chinese)
NeuVector是美国NeuVector公司的一套端到端的容器安全平台。该平台包括图像漏洞管理、准入控制和容器进程/文件系统保护等功能。 NeuVector存在安全漏洞,该漏洞源于使用简单且未加盐的哈希存储用户密码和API密钥,容易受到彩虹表攻击。
Description (English)
NeuVector is an end-to-end container safety platform for NeuVector in the United States. The platform includes features such as image gap management, access control and container process/document system protection. NeuVector had a security loophole, which stemmed from the use of simple, unsalted Hashi storage user codes and API keys and was vulnerable to rainbow watch attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
NeuVector
Published
2025-09-17
Last Modified
2026-02-24
References
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53884 https://github.com/neuvector/neuvector/security/advisories/GHSA-8ff6-pc43-jwv3
Patch
https://github.com/neuvector/neuvector/releases
Share on: