-
Hi
I have launched cve-bin-tool 3.3 on an old JAVA Spring 4 project, there is no exécution error, but report is empty ??
Severity │ Count │
├──────────┼───────┤
│ CRITICAL │ 0 │
│ HIGH …
-
Hello,
Scanning Gospatial/tegola:latest with [trivy scan](https://trivy.dev/) is reporting security issue marked as critical [CVE-2024-24790](https://avd.aquasec.com/nvd/2024/cve-2024-24790/)
It…
-
### Describe the issue
As part of our company's security policy, we run all our application through fortify scan. Fortify scan raised a flag in axios.js file where setAttribute('href' href) has been …
-
# What did you do? (required. The issue will be **closed** when not provided.)
I'm running the following command to populate the oval database:
`goval-dictionary fetch-ubuntu --dbtype=mysql --db…
-
ECR and Terraform now support a new option `image_scanning_configuration` that is missing from this module. We need to add support, and good defaults to allow security scans of ECR repositories:
**…
-
Building shadow-plugin-bitcoin seems to be virtually possible. I have:
1. Installed shadow v0.10.2, which required some patching of the shadow code and build system
2. Installed all of the old ver…
haasn updated
7 years ago
-
**What happened**:
I have an image based on alpine 3.20 and the scan fails. The error is:
`unable to find matches in DB: provider failed to inflate vulnerability record (namespace="alpine:distro:alp…
-
The current Database container was last updated ~2 years ago and should be updated, as it accumulated quite some security issues over the time, or upgrade to version 15, as this seems to be the latest…
-
When trying to install meshcentral the following vulnerabilities are reported. I think esp. the `underscore` dependency needs fixing.
```bash
$ npm install meshcentral
+ meshcentral@0.8.55
added…
-
**NOTE:** this list is no longer actively maintained; see https://github.com/tianon/gosu/issues/104#issuecomment-1358424738:
> With https://github.com/tianon/gosu/releases/tag/1.15, I've now got ht…