-
Hi,
obviously loading the whole NVD database for every pipe run is a bad idea. So I thought how to improve it without requiring too much effort or even costs for hosting etc.
Then I came acros…
-
## Description
A community user has reported that version 4.8.0 of the vulnerability detector incorrectly reports some vulnerabilities. This issue aims to investigate these reports, verify the accu…
-
The NVD does contain fix-commits for some CVEs: extract them and represent them as statements.
-
While conducting a deeper analysis of your repository to compare it with the NVD (National Vulnerability Database) in terms of usability and available information, with the goal of making life easier …
-
The security scan of the Prometheus Alertmanager image quay.io/prometheus/alertmanager:v0.27.0 has identified multiple vulnerabilities. These issues need to be addressed to ensure the security of the …
-
### Current Behavior:
A project using php's composer and depending on a package with vulnerabilities:
`phpmailer/phpmailer:5.2.8`
concerned with
https://nvd.nist.gov/vuln/detail/CVE-2021-3603 (fo…
-
**Describe the bug**
Known vulnerabilities within the Dockerhub Wetty latest image when tested with the **Trivy** tool. The results are:
```
wettyoss/wetty:latest (alpine 3.16.2)
Total: 0 (UN…
-
A community user on Wazuh 4.8.0 has reported that version 4.8.0 of the vulnerability detector incorrectly reports some vulnerabilities. This issue aims to investigate these reports, verify the accura…
-
**Please provide a set of steps on how to reproduce the issue**
1. Run the install command on recent Kali Linux
curl -sSfL https://raw.githubusercontent.com/anchore/grype-db/main/install.sh | sh…
-
CVE-2022-40154
CVE-2022-40155
CVE-2022-40156
CVE-2022-41852
CVE-2022-40157
CVE-2022-40158
CVE-2022-40161
CVE-2022-41946