-
## CVE-2023-36414 - High Severity Vulnerability
Vulnerable Library - azure.identity.1.7.0.nupkg
This is the implementation of the Azure SDK Client Library for Azure Identity
Library home page: https…
-
**Describe the solution you'd like**
Included with each tech found, indicate if it's vulnerable and a link to the vulnerability such as a CVE. Expose this data in such a way that another tool, such a…
-
I have generated the cache folder with the .json.gz files. But I'm with facing issues related to how I can use that, because all times so far, I am getting issue related to `NOT IN GZIP FORMAT`.
So I…
-
https://github.com/nexB/vulnerablecode/pull/782 added support for the NVD importer, but other importers have this information too and should be enhanced to report it.
-
Because of this new behaviour, it cause side effect as below
```
❯ ./gradlew dependencyCheckAnalyze
> Configure project :
w: file:///Users/nicoarianto/Repositories/minden.ai/consumer-bff/build.g…
-
## CVE-2018-14040 - Low Severity Vulnerability
Vulnerable Library - bootstrap-3.3.2.jar
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /api/pacman-api-auth/pom.x…
-
I have internet completely blocked at my organization, but I am able to whitelist certain hostnames.
What are all hostnames that CLI tool reaches out to on the internet?
-
The NIST announced that they will deprecate the NVD data feeds (incl. JSON) and fully switch to an API model:
https://nvd.nist.gov/vuln/data-feeds
https://nvd.nist.gov/general/news/api-20-announcem…
-
### Current Behavior
The password for the admin account has to be update once the application starts for the first time.
The different vulnerabilities datasources: NVD, GitHub advisories, OSS Index,…
-
## Problem
As a vulnerability analyst, it is difficult to determine which data source is linked to vulnerabilities (CVEs) raised in Fleet. This is an important datapoint when determining whether or no…