-
1. Many products at endoflife.date already link to repology (see [this search](https://github.com/search?q=repo%3Aendoflife-date%2Fendoflife.date%20repology%20path%3Aproducts%2F&type=code) for results…
-
# CodePen Demo
[https://codepen.io/David-Yongook-CHOI-Digital-Information-Team/pen/abryMBp?utterances=9a2eff74a6e927549ed332bfq819%2F01RQMowcta5Csqjpo1lci5KaXQYcfl%2F2GMB62CNYDuYD9rhtbjSVD7lyArS1wi…
-
## Description
Hello everyone.
Thanks for the OpenCTI software which is really great.
I want to try to replace OpenCVE with OpenCTI.
I have the CVSS and CPE connectors in place in OpenCTI.
…
-
## Goal
| User story |
|:---------------------------------------------------------------------------|
| As a Fleet customer,
| I want to better ensure that new vulnerabilities are reporte…
-
The current CPE regex seems to have some issues:
1. The CPE version are not restricted correctly. Instead of `^(CPE2.3|CPE2.2)$`, the pattern uses `^(CPE2.3)|(CPE2.2)$`. This allows values like `NO…
-
**Is your feature request related to a problem? Please describe.**
CPEs can relate to specific languages (aka platforms). Often CPEs are picked up for a language that is not the one being scanned, …
-
**What happened**:
I'm seeing nondeterministic behavior when using Syft as a library (in wolfictl) to generate SBOMs. I noticed this via new golden-file style tests we've introduced, to ensure we g…
-
**What happened**:
I am scanning ec2 with newest grype, and get the CVE-2019-10222 on ceph package.
however, I did a little research and I think it might be a FP, since the vulnerability doesn't see…
-
The `affected` array can contain `cpes`, but these are not associated with a version, version range, or status.
Consider this snippet of https://cveawg.mitre.org/api/cve/CVE-2024-0229:
```json
…
-
UPDATE 2024-06-22 - I (@philipmulcahy) have changed focus on this ticket from better parsing/display of transaction data harvested from order pages to leveraging the data from https://www.amazon.co.uk…