-
Hello,
while scanning our webmail site (running latest RainLoop), we found some vulnerabilities.
Updating relevant Javascript libraries should solve most of them: do you have this planned for an upc…
-
Hi,
there is at least one CVE around, which requie the attacker to have write access to the configuration. Now I saw another one and kind of lost track of it.
Not sure, but if it's not a single CVE …
-
One of our internal scanning tools identified the following CVEs present in the included graphviz library: CVE-2019-9904 & CVE-2019-11023. I haven't validated those but I do believe the library is a …
-
On scanning the logstash-oss:8.13.2 docker image, found the below vulnerability in it.
Type | Severity | CVSS | CVE | Package Name | Package Version | Fix Status
-- | -…
-
It would be a nice option to let user configure the list of `vulnerabilities to ignore` as action input. this can be either inline or the path to a file that contains the list.
either:
```yaml…
-
## Description
I tried scanning container image [18fgsa/s3-resource:latest](https://hub.docker.com/r/18fgsa/s3-resource) (a publicly available container image) with trivy and got total 93 unique (d…
-
We are using .Net 6.0 based Azure function Images and we have found multiple vulnerabilities in the base images during our aqua scanner scanning. These have not been addressed for more than a month no…
-
**Describe the bug**
I am scanning a requirements.txt file with dependency check v9.0.9.
In the output report, it reflects the package version that is being scanned but no vulnerabilities was detect…
-
Scanning our Docker image file, we have found a vulnerability in the spring framework which is rated as critical.
More information about this CVE:
- https://nvd.nist.gov/vuln/detail/CVE-2016-100…
-
**Fleet version**: all
### 💥 Actual behavior
The `vulnerabilities` feed build workflow is capable of pushing a release that panics Fleet server attempts to parse it (see #21239).
### 🧑💻…