-
Red Had intend to publish new advisories in new format, Vulnerability Exploitability eXchange (VEX), instead of OVAL.
https://www.redhat.com/en/blog/vulnerability-exploitability-exchange-vex-beta-fil…
-
## Description
I would like to open a discussion regarding the file path convention for storing OpenVEX files within a Git repository. In the example of [Cilium](https://github.com/cilium/cilium/blob…
-
Hello!
Your Vexed app version `1.0.1` fails to build with the SDK version `0.103.0-rc f7`. Please update the app in your repository and create a new pull request to the catalog repository with the up…
-
From today's SPWG meeting, the current CVE JSON format (unsurprisingly) almost implements VEX, as defined here:
https://www.cisa.gov/sites/default/files/2023-04/minimum-requirements-for-vex-508c.pd…
-
Introduce VEX Import (VEX Ingest) capability to DejaCode
Refer to #15 for background details, especially the suggested improvements to the DejaCode Product and Product Package models.
The in…
-
### Have you checked if a similar issue is already reported by someone else?
- [X] I checked there are no similar issues have been reported.
### Have you read the support policy?
- [X] I read it an…
-
In order to support exchanging information about known security vulnerabilities for a project
an _ORT_ reporter shall be implemented which creates a _VEX_ document according to the _Open VEX_ specifi…
-
Introduce VEX Support to DejaCode
- enhance data model to support a Product VEX List
- provide Export capabilities to product VEX documents that comply with industry-recognized formats
Here are…
-
I see a few closed issues on this topic indicating that DDR in Zynq (Pynq-Z2) cannot be used because it is not accessible from PL.
When I look at the Zynq7 block design I see 4 AXI 32/64b ports from …
-
* related: #3995
In #3969, @mastersans has added a TRIAGE.vex file. Right now it marks our false positives but doesn't give a whole lot of detail as to why these things are false positives. In mo…