-
NVD's CVEs aren't getting pulled correctly for CVE Comparison, it's using an outdated endpoint for grabbing all CVEs. We need to switch to NVIP's 2.0 API for proper comparison.
All CVEs in NVD should…
-
[OpenSSL's versions](https://wiki.openssl.org/index.php/Versioning) aren't being normalized very well, by the [Go code](https://github.com/google/osv.dev/blob/0d63403cba8bbb76055fd7791c4b5367c37fcac9/…
-
### Current Behavior
We have recently performed SBOM analysis and Dependency Track is not assigning the severity for many CVEs, even though the OSSIndex has it assigned.
Example.. (many more if you …
-
Hello i get this error message when i try to update database my OS is
Linux kali 6.11.2-amd64 #1 SMP PREEMPT_DYNAMIC Kali 6.11.2-1kali1 (2024-10-15) x86_64 GNU/Linux
pip list …
-
https://repology.org/security/recent-cpes seems to be the only page that exposes CPE information currently. It would be nice if CPE information was included in other places:
1. `/project/:project/i…
-
the binary go-replace has a lot of security issues See list at the end of the issue.
I suggest to use the sed command instead of go-replace
Real exampel For that particular file :
https://githu…
-
Hey, there! 👋
On one of our security scans, some vulnerabilities were found in the module `dbatools.library` version `2024.4.12` (latest) regarding the package `system.private.uri` version `4.3.0`…
-
### Host operating system: output of `uname -a`
n/a
### node_exporter version: output of `node_exporter --version`
1.8.2
### node_exporter command line flags
n/a
### node_exporter lo…
-
(https://nvd.nist.gov/vuln/detail/CVE-2021-21368)
-
## Vulnerabilities found for kfam:1.9.0
```
For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that y…