CVE-2025-53194High
ANC
ANC
Anchore Vulnerability Database overrides
Supplementary feed layered on top of upstream sources. Anchore maintainers publish override records to suppress known false positives and fill CPE/PURL gaps that would otherwise cause Grype and similar scanners to mis-report a system.
Region
US
Updates
6 ч
License
Apache-2.0
Curated corrections to the Anchore/Grype vulnerability database: false-positive suppressions, missing CPE mappings and distro-specific backport fixes.
https://github.com/anchore/grype-db →Share link
Anyone with the link can open this vulnerability.
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Code Injection.This issue affects JetEngine: from…
CVSS
8.5
High
EPSS
0.00
p26
Published
2025-01-01
Updated
2025-01-01
Description
Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Code Injection.This issue affects JetEngine: from n/a through <= 3.7.0.
Tags · CWE
CWE-82
CWE-82VariantIncomplete
Improper Neutralization of Script in Attributes of IMG Tags in a Web Page
The web application does not neutralize or incorrectly neutralizes scripting elements within attributes of HTML IMG tags, such as the src attribute.
https://cwe.mitre.org/data/definitions/82.html →Open in CWE collection →Affected products
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Timeline
2025-01-01
Published
2025-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: H
High (H)
Privileges Required
PR: L
Low (L)
User Interaction
UI: N
None (N)
Scope
S: C
Changed (C)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.003 · p26
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Source databases
ANC
ANC
Anchore Vulnerability Database overrides
Supplementary feed layered on top of upstream sources. Anchore maintainers publish override records to suppress known false positives and fill CPE/PURL gaps that would otherwise cause Grype and similar scanners to mis-report a system.
Region
US
Updates
6 ч
License
Apache-2.0
Curated corrections to the Anchore/Grype vulnerability database: false-positive suppressions, missing CPE mappings and distro-specific backport fixes.
https://github.com/anchore/grype-db →