-
Traspaso Lucas Sartori - Camilo Pereyra
-
**What happened**:
- We have created a CycloneDX-JSON of our Nexus installation with the last Syft version.
- The UserAgentUtils library version 1.21 is found there as a dependency.
- We have imp…
-
The error doesn't happen every time. But does happen frequent enough.
OS:
NAME="SLES"
VERSION="12"
VERSION_ID="12.5"
PRETTY_NAME="SUSE Linux Enterprise Server 12 SP5"
ID="sles"
ANSI_COLOR="0…
-
[Sample XML Output](https://jsonformatter.org/xml-parser/42e42e) where TCP ports have cpe attribute which is not accessible right now.
-
(thanks buzz)
-
**What happened**:
For the following package, the licenseDeclared is not as per the SPDX license list https://spdx.org/licenses/
```
{
"name": "libbsd",
"SPDXID": …
-
Hello.
In the DependencyCheck I'm getting alerts for CVE-2007-1651 and CVE-2007-1652 vulnerabilities referred to **Microsoft.IdentityModel.Protocols.OpenIdConnect** package (performing dll scanning…
-
Exception -
NotImplementedError: Style of version 2.3 of CPE not implemented
CVE-2014-5606 - cpe:2.3:a:disney:where\\'s_my_perry?_free:1.5.1:*:*:*:*:android:*:*
CVE-2014-5607 - cpe:2.3:a:disney:whe…
-
Provide a command line interface to guess the cpe from a software/product name. CPEs are not always available from vendors and there is a manual work to find the correct CPE. The idea is to provide a …
-
### Request Description
Hello,
I'm wondering how to add custom entries to the VDB database so that depscan will find these custom vulnerable dependencies when scanning.
I see that VDB5 uses jsondb…