-
## Description
I'm almost certain that I'm doing something wrong with trivy, but I'm getting a false-negative from Trivy for CVE-2021-22448. My test looks like this:
```sh
➜ trivy-test docker …
-
hello,I want to detect sqlinjection in springboot project using mybatis xml mapper,like this:
```
id, detail
select
from info
where 1
…
-
Issue Type: Bug
System.out.nに問題ありとは?
VS Code version: Code 1.63.2 (899d46d82c4c95423fb7e10e68eba52050e30ba3, 2021-12-15T09:40:02.816Z)
OS version: Windows_NT x64 10.0.19044
Restricted Mode: No
Sy…
-
### Description
As part of the epic https://github.com/wazuh/wazuh/issues/7749, we implemented a mechanism to have an inventory of the CVEs that affect each agent in which the Wazuh agents are inst…
-
hello,I want to detect sqlinjection in springboot project using mybatis xml mapper,like this:
`
id, detail
select
from info
where 1
…
-
### Issue Description
Under project page there is Audit tab for auditing vulnerabilities. On some project I realized that there is duplicate vulnerabilities listed. This also affects Fortify Integrat…
eyups updated
3 years ago
-
**Slack us first!**
https://owasp.slack.com/archives/C2P5BA8MN/p1627056588112000
here is describe my problem ^
**Be informative**
I upgraded from 1.15 to 2.0.3
I have deduplication on endpoints…
-
Back in 2016 an idea of having a `__vulns.json` file in vulnerable applications came up and was prepared by members of the OWASP ZAP, VWAD and Juice Shop teams. It was supposed to allow scanners/tools…
-
## CVE-2020-14062 - High Severity Vulnerability
Vulnerable Library - jackson-databind-2.9.7.jar
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://…
-
## CVE-2020-14060 - High Severity Vulnerability
Vulnerable Library - jackson-databind-2.9.7.jar
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://…