-
From a [CISA VEX WG mailing list thread](https://groups.google.com/g/cisa-sbom-vex/c/qmvza5Evu3I) proposing a new VEX status:
2.7.1.5 Risk Accepted (“risk_accepted”)
The [author] of the VEX stat…
-
Hello!
Your Vexed app version `1.0.1` fails to build with the SDK version `0.101.0-rc f7`. Please update the app in your repository and create a new pull request to the catalog repository with the up…
-
vex.flow 4 has a simpler construct for drawing staffs with notes
https://github.com/0xfe/vexflow/blob/master/CHANGELOG.md
https://github.com/0xfe/vexflow/wiki/Using-EasyScore
-
The known vulnerabilities inherited from the use of third-party and open source software and the exploitability of the vulnerabilities can be communicated with CycloneDX. Previously unknown vulnerabil…
-
### Problem Statement
Attestations fetched from OCI registries can be checked using the `attestations` block with conditions. However, its not possible to check values across two different attestatio…
-
Hi all,
I think your are already busy :), but is there any change that you would implement the following operations:
```
ERROR | 2017-02-25 06:33:06,901 | simuvex.vex.irop | Unsupported operati…
-
The current version reads:
> As an example, consider the following evolution of a hypothetical impact analysis:
>
> 1. A software author becomes aware of a new CVE related to their product. Immed…
-
When vexctl merges documents that have the same CVE ID, even if the affected products/subcomponents are the same, the new document will contain one statement for each CVE ID merged. For example, suppo…
-
Currently specVersion is a [string](https://github.com/CycloneDX/specification/blob/master/schema/bom-1.6.schema.json#L25). This is creating confusion when consuming tools treat this value as both str…
-
![1](https://user-images.githubusercontent.com/18241022/38350748-3d079d62-38df-11e8-8ec3-c2c99e005102.png)
const componentContext = { message: 'Hello Modal' };
const dialogRef = this.modal…