-
**Describe the bug**
The Snyk vulnerability scan picked up some packages with exploits.
**To Reproduce**
Run vulnerability scan for the dependencies
**Expected behavior**
Dependency packages …
-
I am manually importing Snyk scans created using `snyk test`. Occasionally I get the following error message:
`An exception error occurred during the report import:'priority' `
After I get the a…
-
We should have a build pipeline that:
1. Performs SAST
2. Scans for known vulnerabilities
3. Generates/publishes an SBOM
4. Builds/Publishes an OCI image
-
Though it may not be exploitable, the noise created by Snyk image scans which contain the agent would be very nice to fix.
Name : com.fasterxml.jackson.dataformat:jackson-dataformat-cbor
Version :…
-
Welcome to CNCF Project Onboarding!
This is an issue created to help onboard your project into the CNCF after the TOC has voted to accept your project.
We would like to complete onboarding within on…
-
There is a new vulnerability being reported by azure/container-scan and trivy on our builds: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097
Also flagged by Snyk at: https://snyk.io/test…
-
Some scan types parsed by DefectDojo are able to specify multiple CWEs for a single issue/vulnerability. For example, the Snyk scan format contains an `identifiers.CWE` field that contains a list of CW…
-
Was wondering if there are any plans to also include Backstage integration? It would be great to have a Backstage plugin similar to the one Snyk created: https://github.com/snyk-tech-services/backstage-…
-
Per old agenda AI
- Snyk for Dependabot type of checks
- look into adding a bot that scans for security issues too
-
**Describe the bug**
When the LeakIX boefje retrieved data and parsed this into findings, it shows the finding; however, the host for which this finding is applicable is missing in the Finding name. A…