-
### Current Behavior:
Dependency-Track does not provide information on the source of the data for a threat. Neither does it provide timestamps so that one can see when a threat was first identified …
-
We currently support multiple sources of vulnerability intelligence, among them the NVD, OSS Index, GHSA and VulnDB. In some cases, we perform the actual vulnerability scanning (e.g. NVD, GHSA), in ot…
-
Our infrastructure team is asking what firewall configurations are required for DependencyTracker to do its job (target IP / FQDN, port, and whether TLS is used, i.e HTTP or HTTPS).
The DT document…
-
Advisory [GHSA-jjxf-26c9-77gm](https://github.com/advisories/GHSA-jjxf-26c9-77gm) references a vulnerability in the following Go modules:
| Module |
| - |
| [github.com/hashicorp/vault](https://pkg.g…
-
Advisory [GHSA-h92q-fgpp-qhrq](https://github.com/advisories/GHSA-h92q-fgpp-qhrq) references a vulnerability in the following Go modules:
| Module |
| - |
| [github.com/coredns/coredns](https://pkg.g…
-
vuln.db有几个错别字!
X.X.X.X | IP转发功能未禁用 | 中危 | IP转发在非路由器或防火墙的机器上可用。 | 如果该设备为路由器或防火墙,则可忽悠该问题; 否则建议关闭IP转发功能。 |
-- | -- | -- | -- | -- | --
忽悠-忽略
自己用sqllite数据库编辑器更正过来,谢谢
-
### Report ID
GO-2022-1039
### Suggestion/Comment
The content of the warning is:
> calls regexp.MustCompile, which eventually calls regexp/syntax.Parse
My code does indeed call `MustCompile`,…
-
Advisory [CVE-2024-47062](https://nvd.nist.gov/vuln/detail/CVE-2024-47062) references a vulnerability in the following Go modules:
| Module |
| - |
| [github.com/navidrome/navidrome](https://pkg.go.d…
-
Advisory [GHSA-jfvp-7x6p-h2pv](https://github.com/advisories/GHSA-jfvp-7x6p-h2pv) references a vulnerability in the following Go modules:
| Module |
| - |
| [github.com/opencontainers/runc](https://p…
-
mds-MacBook-Pro:~ mdnawazuddin$ cd w3af/
mds-MacBook-Pro:w3af mdnawazuddin$ ./w3af_console
Your python installation needs the following modules to run w3af:
pyclamd github git.util pybloomfilte…