-
Do we have alternative packages to csurf? It seems unmaintained, and recently a vulnerability was discovered.
https://snyk.io/vuln/SNYK-JS-CSURF-3021144
Given the popularity of this package, the …
-
[link]https://sn1persecurity.com/[/link]
[short_descr]Attack Surface Management Platform.[/short_descr]
[tags]allinone,scanner[/tags]
[long_descr]Integrate with the leading commercial and open so…
-
I just downloaded caddy for amd64:
```
$ ./caddy version
v2.7.5 h1:HoysvZkLcN2xJExEepaFHK92Qgs7xAiCFydN5x5Hs6Q=
$ ./caddy build-info | grep google
dep github.com/google/cel-go v0.15.1 h1:iTgVZor2…
```
-
### Description
Trivy is unable to detect CVE-2023-31419 for elasticsearch-7.10.2.jar
### Desired Behavior
Grype is able to report, Trivy should also report
grype elasticsearch-7.10.2.j…
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/5573
Originally posted by **navzen2000** November 14, 2023
### Description
Trivy is unable to detect CVE-2023-31419 for el…
-
**Hello, everyone**,
I am new to the world of scanning and I am studying different vulnerability scanners for my thesis and I also stumbled upon **Nmap**!
`My graduate project is to take several…
-
https://github.com/go-jose/go-jose/releases/tag/v3.0.1 reports a DoS in code that is called by ocicrypt.
Typically I wouldn’t expect users to want to DoS themselves, but updating would at least sil…
-
### What would you like to be added?
[This patch PR](https://github.com/kubernetes/kubernetes/pull/118036/files) was applied earlier this year to k8s >=1.28. As a vulnerability that shows up in the F…
-
### Environment
7.20.0-alpha6
### Description
Consider removing 3rd party dependencies from **camunda-bom**.
While reading **camunda-bom** pom.xml I noticed it includes dependency management f…
-
### Current Behavior
No support for trivy
### Proposed Behavior
Trivy is one of the most performant analysers with really good results.
Dependency track should be able to use it and collect its re…
fnxpt updated
8 months ago