-
### Describe the bug
I installed the JFrog VS extension v2.1.2 in my Visual Studio Enterprise 17.11.6. After solving some problems with the authentication, it seems to work "in principle", but is ver…
-
I thought this would be easy but I was wrong. Consider the following GitHub action:
```yaml
name: Daily Pull and Vulnerability Scan
on:
  schedule:
    - cron: "0 0 * * *" # Runs daily at mi…
```
-
#### Description:
Currently, OSV-Scanner does not provide an option to filter vulnerabilities by their CVSS score directly in the configuration file (`config.toml`). This feature would greatly enhanc…
-
Set up a hook to automatically run security scans on the codebase and dependencies to identify and resolve vulnerabilities.
-
Running a [Qualys](https://www.qualys.com) vulnerability scan on an SDK installation yields several vulnerability results from NuGet package references. These are showing up in Qualys scans of the offi…
-
### Describe the bug:
While scanning for SSRF vulnerabilities using OWASP ZAP, I encountered an issue where detected vulnerabilities appear in the Alerts section, but are not reflected in the Active …
-
Slack - https://owasp.slack.com/archives/C2P5BA8MN/p1732583494245009
It's possible when getting **Mend Legacy SCA JSON Project vulnerabilities from 1.4 API** that Locations will contain many values…
-
Hey, there! 👋
On one of our security scans, some vulnerabilities were found in the module `dbatools.library` version `2024.4.12` (latest) regarding the package `system.private.uri` version `4.3.0`…
-
# Be Aware of Security Issues Raised by Spring Boot Actuator - Spring Cloud
Recently, we have been particularly disturbed by various security vulnerabilities, and we receive dozens of emails a week f…