-
### Description
As briefly discussed in #4058 ([this comment](https://github.com/intel/cve-bin-tool/issues/4058#issuecomment-2132269471) and further on), it seems like the `gcc` checker only report…
-
**Is your feature request related to a problem? Please describe.**
Right now, ALinux is on Python 3.9.16, but 3.9.17 is out. We are seeing a twistlock for 3.9.16, which our security guys argue could …
-
We set a `Github Code Scanning` workflow according to this:
```
name: build
on:
push:
branches:
- master
pull_request:
jobs:
build:
name: Build
runs-on: ubuntu-20.…
-
**Goal**: Implement automated scanning capabilities that are tool agnostic for identifying vulnerabilities in Kubernetes related artifacts, followed by a documented private triage process to resolve t…
-
![image](https://github.com/user-attachments/assets/19a45933-dc7d-4801-afd8-36041d726f7e)
-
I am detecting these issues with my tenable scanning:
- CVE-2023-5678
- Fix: Upgrade to >= OpenSSL 3.1.5
- https://www.tenable.com/plugins/nessus/185161
- https://nvd.nist.gov/vuln/detail/…
-
Our vulnerability scanner found these while scanning the [cube.js](https://github.com/cube-js/cube.js) Docker image. Here is a list of CVEs affecting lodash 3.10.1:
- CVE-2019-10744
- CVE-2021-23…
-
- [ ] https://github.com/captncraig/agent/security/code-scanning/16
- [ ] https://github.com/captncraig/agent/security/dependabot/2
- [ ] https://github.com/captncraig/agent/security/code-scanning/1…
-
Hi there,
The following CVEs have been reported by scanning kubegres:
Severity | CVE | Package | Fix
-- | -- | -- | --
HIGH | PRISMA-2022-0227 | github.com/emicklei/go-restful/v3 | v3.9.0 -> v3.10…
-
## Expected Behavior
There is no CVE found in the `temporalio/admin-tools` image.
## Actual Behavior
There are **30** vulnerabilities found for image temporalio/admin-tools:1.23.0, including 7 hi…