-
**What happened**:
OWASP Dependency-Track is not listing vulnerabilities (CycloneDX format) from grype; syft is working, however. The grype CycloneDX SBOM is only listing components.
**What you expect…
-
### What happened?
Just installed the dependencies for my first amplification build and was greeted with this message for
`npm audit`
`
dicer *
Severity: high
Crash in HeaderParser in dicer …
-
**Describe the bug**
ibm.power_aix.flrtvc module ignores instruction type in protocol variable
```
bash-4.2$ ansible-playbook AIX_vulnerabilty_patching.yml -i Inventories/krishna_tiwari.aInv -l "…
-
What scanner and version reported the CVE?
Internal Tools
What CVE was reported in the scanner findings?
Go (go) Security Update for gopkg.in/yaml.v3 (GHSA-hp87-p4gw-j4gq)
https://github.co…
-
Inside the Docker official images 2.4.4 and 2.4.5 we see some critical and high vulnerabilities, can you fix?
+----------------+----------+------+-------------+-------------------------+--------+---…
-
```
Hello Twistlock tenants,
The DOTS team has upgraded twistlock to the latest version: 22.06 and have migrated all of your data.
As we stated before in previous coms, some data would not mi…
-
Hi @jeremylong
Good day. After a project is built in dependency check, we can see duplicate CVEs reported on the application, which increases the number of vulnerabilities. Is this the normal be…
-
Once the SBOM (Software Bill of Materials) is available as an app resource, we need to match it against a trusted database of known vulnerabilities in Java packages.
-
- [ ] load theme css from file from dc scheme (make sure to not forget support for custom themes, maybe just rewrite the file path to the configured theme. (theme-manager still needs to modify the css…
-
The article at https://github.com/MystenLabs/ed25519-unsafe-libs mentions potentially unsafe ed25519 signature libraries that allow a public API where secret and public key can be provided independently a…