-
# Desired Behavior
Dependency vulnerabilities should be known at build-time.
https://www.owasp.org/index.php/OWASP_Dependency_Check
Maven coördinates
```xml
org.owasp
dependency-c…
-
https://github.com/immauss/openvas/blob/f4f9cdb9390b42e3a5aa5138604f7d7ce50a2e0a/scripts/single.sh#L335
The correct code is:
https://github.com/netbix/openvas/blob/01925529f5db1d8037cade4e9a643e…
-
As per semantic versioning standards, pre-release versions can contain hyphens, but in lib4sbom we are changing the version by splitting the hyphens. Do we have any logical reason behind this like on…
-
### Desired Behavior
Use a supported Ubuntu release
### Contrast to Current Behavior
I'm using Trivy to scan an image for vulnerabilities, and it stops with the next message:
```
2024-07-03T07:38:…
-
Update Radix applications
- [x] Radix Canary golang - https://github.com/equinor/radix-canary-golang/pull/24
- [x] Radix Cost Allocation API - https://github.com/equinor/radix-cost-allocation-api/pul…
-
Hi,
We are using this in our CI workflow for looking at vulnerable packages. We have remediated all the packages and currently there is no vulnerability, but it is still throwing an error "_Vulnerabi…
-
### Summary of the new feature / enhancement
I would like a tool similar to the vulnerability scanner for .NET NuGet packages that works with PowerShell packages. Does such a tool exist or can we get…
-
### Abstract
The first phase of the vulnerability scanner allowed the general scanning of repositories. In order to draw better and more precise conclusions out of the results, it is desired to improv…
-
With transitive pom.xml resolution landing soon in https://github.com/google/osv-scanner/pull/1028, we'll likely start to get a lot more vulnerability matches for Java projects.
IIUC, Java depende…
-
## 🎯 Aim
The purpose of this issue is to investigate the feasibility and added value of integrating the osv-scanner into our Django template project. This exploration will assess whether osv-scanner …