-
### Description
Application attempts to download [nvd statistics](https://nvd.nist.gov/rest/public/dashboard/statistics) despite nvd being disabled or nvd configured to use api v2.
### To reprod…
-
Hi team,
I would like to contribute the implementation for a plugin that detects CVE-2024-45216.
Vulnerability details:
Improper Authentication vulnerability in Apache Solr. Solr instances using the…
-
On ims-api and ldap-jwt-auth we don't pin sub-dependencies. There are cases where this could cause issues e.g. docker builds installing different dependencies when tags are pushed, or depndabot failin…
-
As per https://nvd.nist.gov/developers/start-here I believe it would be easy to integrate updating CVEs using that rather than how the current build script does it, from what I can see. Again, happy t…
-
**Is your feature request related to a problem?**
Having knowledge on the **changes** of a certain CVE **via the API** can trigger further actions (e.g. a CVSS has been finally added and the CVE is n…
-
Hi,
obviously loading the whole NVD database for every pipe run is a bad idea. So I thought how to improve it without requiring too much effort or even costs for hosting etc.
Then I came acros…
-
The goal of the task is to implement standalone database API like the OSV one for:
- [ ] GitHub
- [x] Snyk
- [ ] Sonatype
- [ ] NVD
The main idea behind that is to use them to refactor strate…
-
[This JSON schema](https://github.com/cloudevents/spec/blob/main/cloudevents/formats/cloudevents.json) generates the following types and `UnmarshalJSON` method:
```go
// CloudEvents Specification …
-
Hey,
Thanks for this crate.
I was using it to generate some code based on the following NVD schema: https://csrc.nist.gov/schema/nvd/api/2.0/cve_api_json_2.0.schema
It would be useful to add…
-
### Description of the new feature / enhancement
winget should be able to check if there are known vulnerabilities for installed applications.
### Proposed technical implementation details
Similar …