-
Dear Team,
After detailed investigation for Docker container vulnerabilities reported under https://github.com/microsoft/openjdk-docker/issues/113 - it appears that ones with severity critical and hi…
-
I also want to save CVSS information
example:
epssdb.cvedb
- cveid
- basescore
- vector
refer to CVEProject/cvelistV5 .
-
### Description
Provide a mirroring script for "grab the json and validate it" (or "validate existing json on disk") since we have the code for that but it's hard to trigger on its own.
- Validati…
-
The enhancement may already be reported! Please search for the enhancement before creating one.
### Current Behavior:
Currently feeds are downloaded as whole file
### Proposed Behavior:
Use NV…
-
Current Status:
If I create a component or import a list of components I will have the issue that from time to time my vendorname or productname does not fit the NVD writing, or i cant provide a cpe …
-
I'm using Dependency Track "for real", monitoring several products and hundreds of components.
Sometimes DTrack does not report a vulnerability I know is applicable. The reason is that the "affecte…
-
https://nvd.nist.gov/vuln/detail/CVE-2024-41110
https://nvd.nist.gov/vuln/detail/CVE-2024-5535
-
Would it be possible to foresee an upgrade to [OWASP DependencyCheck v9.0.1](https://github.com/jeremylong/DependencyCheck/releases/tag/v9.0.1)? The main driver for this is the update for the new NVD …
-
See https://github.com/eXist-db/exist/pull/5386#pullrequestreview-2213848657
I tried a lot, for develop all works OK, for 6xx is it not....
${env.NVD_API_KEY} in parent/pom.xml
-
|Wazuh v4.7.0|Vulnerability Detector|test VM|Manual install|RockyLinux 9.3|
If I am not mistaken Wazuh supports the file based V1.1 API of the NIST nvd data-feeds (https://nvd.nist.gov/vuln/data-fe…