-
### Background
Security scanning is a valuable way to find issues with our images, but we are not doing it consistently or methodically.
- Very often issues are brought up by users who are tryin…
-
In GitHub Security Advisory [GHSA-cm9x-c3rh-7rc4](https://github.com/advisories/GHSA-cm9x-c3rh-7rc4), there is a vulnerability in the following Go packages or modules:
| Unit | Fixed | Vulnerable Ran…
-
### Acknowledgement
- [X] The maintainer(s) of the affected project have already been made aware of this vulnerability.
### Description
I just wanted to make you aware that currently the CVEs are s…
-
Hi,
After upgrade my plugin for the lastest version 10.0.2, I'm still receiving this error below.:
Installing dependency check from /var/lib/jenkins/caches/dependency-check/LINUX/10.0.2.tar.gz t…
-
I didn't find an issue with the os-support label (or any else regarding this). Support for Alpine 3.15 ended yesterday. Is there already a tracking issue? Is it planned to be dropped for .NET 6.0 and …
-
# Describe the bug #
We are getting many reports against Ceph CSI image and the vulnerabilities it hold. it is required/better to address as much as we can.
as part of this effort I have started …
-
# 💡 Summary #
Sometimes vulns are removed from the KEV list, and it makes sense to track that information.
## Motivation and context ##
Why does this work belong in this project?
This reposi…
-
### Current Behavior
VulnDB is an important vulnerability database that provides great benefit to Dependency Track. Although we can see the issued CVE ID in the References area, it is not used as a…
-
Feature-tracking issue dependent on #131
* possibilities
* [NIST API](https://nvd.nist.gov/developers/vulnerabilities)
* [CSAF](https://oasis-open.github.io/csaf-documentation/)
-
Several companies are working on HTTP/3 support, including on NGINX.
What are the plans related to support this new and exciting protocol?
One first step would be to enable it with https://githu…
pdiaz updated
2 weeks ago