-
## Summary
As part of our onboarding process we scan for fixable critical vulnerabilities the image we consume.
We detected the lates version of `argocd-extensions` version `v0.2.1` contains cri…
-
### Is your feature request related to a problem? Please describe.
`zot` has support for OCI artifacts (v1.1.0) and when a SBOM is pushed, we can leverage the SBOM scanning ability from trivy to do:
…
-
Currently RHEL CVE feeds are not being used, so scanning RHEL/Scientific linux results in "cannot perform CVE scan: no CVE data is currently available for the detected base distro type (redhat:6,redh…
-
Hi, thank you for developing SCAPinoculars, this is very useful !
I would like to suggest an additional type of report for vulnerabilities (oval), in addition to compliance (xccdf) reports.
http…
-
**Fleet version**:
4.50.3
**Web browser and operating system**:
Current browser and OS
### 💥 Actual behavior
False reporting for CVE-2020-10109: Twisted Web / python3-twisted
.deb version is not…
-
### Describe what happened
Our scanning jobs have identified a new CVE "[CVE-2024-24791](https://www.cve.org/CVERecord?id=CVE-2024-24791)" in the pulumi-std v1.7.2. This is an issue with the Go stand…
-
Describe the bug
----------------
ClamAV 1.2.1/27129/Wed Dec 20 11:38:37 2023
Then running scan on bigger container files like pptx, scan takes ages. For example 75Mb pptx file
on my MacBook p…
-
An update to your vulnerability database on 18 Sep 2023 causes the latest version of scrapy (2.11.0) to be flagged by mistake. Your code scanning tool cites a 2017 CVE that hasn't been updated since S…
-
CVE scanning is now done as a task, the cve_scanner package is of no use. Let's remove it so that we don't have to maintain it any more.
-
_As these are implemented, please edit this field to include the PR that implements it within the wishlist below:_
- [x] ~Consider switching json column processing to bson or another format that is…