-
CWE-1243 Missing OBEX
-
### Product
Amazon Linux 2023
### Package
awscli-2
### Why do you need this package?
AL2023 minimal AMI has awscli-2 ,can this package made it available in container image as well. We have to ma…
-
Version 1.2 (http://docs.oasis-open.org/csaf/csaf-cvrf/v1.2/cs01/csaf-cvrf-v1.2-cs01.html#_Toc493508771)
section 6.9
The words say:
> « The vuln:CWE element MUST be present zero or one time in an…
-
I think CWE mapping is not useful/valuable at the moment. Sometimes it's useful to validate, is it correlating with ASVS requirement text but in big picture - is this mapping actually used?
At the …
-
https://cwe.mitre.org/data/definitions/410 Insufficient Resource Pool
-
[replace-in-file](https://www.npmjs.com/package/replace-in-file) uses [glob](https://www.npmjs.com/package/glob) ^8.1.0, which uses [inflight](https://www.npmjs.com/package/inflight) which is a vulner…
-
We have hundreds of
Heuristic SQL Injection CWE-89
but we do not have any SQL at all.
It would be great to disable a CWE check by config or as interactive mode for all findings of that CWE
![…
-
Some scan types parsed by DefectDojo are able to specify multiple CWEs for a single issue/vulnerability. For example, the Snyk scan format contains a `identifiers.CWE` field that contains a list of CW…
-
**`Severity Threshold: 🔵 MEDIUM`**
# 1 Potential vulnerability sources found within this repo
| `🔴 CRITICAL` | `🟡 HIGH` | `🔵 MEDIUM` | `⚪ LOW` |
|-|-|-|-|
| 1 | 0 | 0 | 0 |
**`ID: 01JB0Q1PJ1QGZX8S…
-
Hello :smile:. I recently discovered (thanks to my teacher) a `-fanalyzer` flag of gcc10.2 and decided to try it on a big project as vim :fire:. I'm student, and not very experienced with contributing…