Home > Vulnerability Database > CVE-2025-65965

Mend.io Vulnerability Database

CVE-2025-65965

Good to know:

Date: November 25, 2025

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json=<file> option, the registry credentials will be included unsanitized in the output file. This issue has been patched in version 0.104.1. Users running affected versions of grype can work around this vulnerability by redirecting stdout to a file instead of using the --file or --output options.

Severity Score

7.1

Related Resources (7)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-65965

Url: https://github.com/anchore/grype

Url: https://github.com/anchore/grype/pull/3068

Url: https://github.com/anchore/grype/security/advisories/GHSA-6gxw-85q2-q646

Url: https://github.com/anchore/grype/commit/39f7fa17af2739cafe9b27176d4a68f7c05f21c1

Url: https://github.com/anchore/grype/commit/c99f79de49a58dc16d7fd8f35160b169b87db9de

Url: https://www.mend.io/vulnerability-database/CVE-2025-65965

Severity Score

7.1

Weakness Type (CWE)

Improper Removal of Sensitive Information Before Storage or Transfer

CWE-212

Top Fix

Upgrade Version

Upgrade to version github.com/anchore/grype - v0.104.1

Learn More

CVSS v3.1

Base Score:	7.1
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-65965

Good to know:

Date: November 25, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?