-
Vulnerable Library - commons-io-2.2.jar
The Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
Librar…
-
## CVE-2016-5725 - Medium Severity Vulnerability
Vulnerable Library - jsch-0.1.42.jar
JSch is a pure Java implementation of SSH2
Library home page: http://www.jcraft.com/jsch
Path to dependency file…
-
## CVE-2018-1271 - Medium Severity Vulnerability
Vulnerable Library - spring-webmvc-4.1.9.RELEASE.jar
Spring Web MVC
Library home page: http://projects.spring.io/spring-framework
Path to dependency …
-
* terrascan version: 4422eb5 / v1.19.1
### Description
The github.com/hashicorp/go-getter package v1.7.0 has a CRITICAL vulnerability (CVE-2024-3817) and should be updated to v1.7.4.
### What…
-
* terrascan version: 4422eb5 / v1.19.1
### Description
The github.com/moby/buildkit package v0.8.3 has two CRITICAL vulnerabilities (CVE-2024-23652, CVE-2024-23653) and should be updated to v0.1…
-
## CVE-2016-5725 - Medium Severity Vulnerability
Vulnerable Library - jsch-0.1.42.jar
JSch is a pure Java implementation of SSH2
Library home page: http://www.jcraft.com/jsch
Path to dependency file…
-
## CVE-2017-7675 - High Severity Vulnerability
Vulnerable Library - tomcat-embed-core-8.5.15.jar
Core Tomcat implementation
Library home page: http://tomcat.apache.org/
Path to dependency file: /ope…
-
## CVE-2018-1271 - Medium Severity Vulnerability
Vulnerable Library - spring-webmvc-4.3.9.RELEASE.jar
Spring Web MVC
Library home page: http://projects.spring.io/spring-framework
Path to dependency …
-
I think it might be useful to include a link to the docs (e.g. https://find-sec-bugs.github.io/bugs.htm#PATH_TRAVERSAL_IN) in the generated report. I verified that this link can be found in the SARIF …
-
It would be nice to use Snyk Code (the scanning service freely available for open-source projects) in the upstream CI of OpenScanHub.