-
During differential fuzzing with [`github.com/pandatix/go-cvss`](https://github.com/pandatix/go-cvss) I discovered that your implementation does not properly computes CVSS v2 environmental scores (as …
-
:point_down:
-
## Description
NVD announced they now support CVSS v4.0. Trivy will consume it.
https://nvd.nist.gov/general/news/cvss-v4-0-official-support
### Discussed in https://github.com/aquasecurity/trivy…
-
From the release notes:
Fixed the NVD API related errors by adding cvssV4 support (#6756)
breaking changes: anyone utilizing a centralized database will need to upgrade the schema; see changes in …
-
The discussion in #370 reminded me that ADR-006 contains the following line:
> - Multiple versions of decision points will be "live and available for use" by folks modeling decisions unless explici…
-
Hi There!
I see that it is currently CVSSv3.1, will there be plans to incorporate v4.0?
Thanks in advance!
-
OWASP Client version: 9.0.8
We are seeing the services endpoint timeout from last couple of days
```
RUN /tmp/dependency-check/bin/dependency-check.sh --updateonly --nvdApiKey ${NVD_API_KEY} --n…
-
The attached file was generated with vulnogram.github.io
[CVE-0000-1234.json](https://github.com/user-attachments/files/16057307/CVE-0000-1234.json)
cvelib fails when trying to validate that file.…
-
The FIRST annouced CVSS 4.0 last month. NVD and JVN have not implimented it into Database yet, but it is just a matter of time.
Are you planning to add support for CVSS 4.0?
-
[INFO] Writing XML report to: dependency-check-report.xml
[Pipeline] dependencyCheckPublisher
12:11:08 Collecting Dependency-Check artifact
12:11:08 Parsing filedependency-check-report.xml
20:…