-
### Current Behavior
I collected the SBOM of all RPM packages in the CentOS system through the syft (https://github.com/anchore/syft) tool. The format of the SBOM file is cyclonedx-json, then I upload…
-
The [LULA](https://github.com/defenseunicorns/lula) project needs to consume our scan reports in JSON format.
-
Recently we have been seeing trivy action taking a lot of time to initialize the aquasecurity trivy action (Build container for action use: '/home/runner/work/_actions/aquasecurity/trivy-action/0.20.0/…
-
The current implementation of the password manager saves user passwords without robust encryption or uses outdated encryption methods. This exposes a vulnerability where, if the password storage (data…
-
Veracode Software Composition Analysis
===============================
Attribute | Details
| --- | --- |
Library | Apache Log4j
Description | Apache Log4j 1.2
Language | JAVA
Vulnerabi…
-
Veracode Software Composition Analysis
===============================
Attribute | Details
| --- | --- |
Library | Apache Log4j
Description | Apache Log4j 1.2
Language | JAVA
Vulnerabi…
-
### Is this a possible security vulnerability?
- [X] This is NOT a possible security vulnerability
### Describe the bug
[PolarisApplicationConfig](https://github.com/apache/polaris/blob/cc58730a0c6…
-
Veracode Software Composition Analysis
===============================
Attribute | Details
| --- | --- |
Library | jackson-databind
Description | General data-binding functionality for Jac…
-
### Current Behavior
Currently, all vulnerabilities in the GitHub Security Advisories database do not have a CVSS score, even though they are available on the GitHub page.
For instance, `CVE-2019-1…
-
## CVE-2024-7024 - Critical Severity Vulnerability
Vulnerable Libraries - v88.3.47, v88.3.47
Vulnerability Details
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478…