-
## Issue description / feature objectives
Update the trestle release process to assure that the below OpenSSF Best practice is complied with.
```
OpenSSF Best Practice:
The release notes MUS…
-
**Is your feature request related to a problem? Please describe.**
I'm looking to reduce the number of false positives from SCA vulnerabilities by performing function-level reachability analysis. How…
-
Dear @jan-kiszka I see a [thread](https://lore.kernel.org/all/a2be4fef-a4f4-4cec-a293-e7ed25946653@siemens.com/T/) in which you are speaking about CVE check in cip-core / debian.
My guess is to pe…
-
I suggest we simplify and evolve the API to a version 2 that would return this data shape, when querying the packages/ endpoint for one or more PURLs.
We would enable filters based on PURL compone…
-
I have scanned following image, and found some vulnerabilities. This is from master branch
apachepinot/pinot:1.2.0-SNAPSHOT-ddce06f9cc-20240620-17-ms-openjdk
below critical and high vulnerabilit…
-
openvas Version 23.2.1
faraday community edition: 5.5.0
Running the community docker
I failing to import reports from openvas using the option to export reports from openvas community edition as …
-
Hey all, similar to https://github.com/cisagov/vulnrichment/issues/97 I'm curious to know how you arrived at a high severity for
https://nvd.nist.gov/vuln/detail/CVE-2024-46503
The poc's listed read …
-
Currently PyFCM lists `aiohttp==3.8.6` as a required dependency, however such version of the aiohttp library does not support Python 3.12. aiohttp of version 3.9.0 does support Python 3.12. Is it poss…
-
# Description
A [user](https://wazuh.slack.com/archives/C07CCCCGHHP/p1726500297099159) reported that the scanner was not working properly
After troubleshooting, the user shared the configuratio…
-
Please update System.Security.Cryptography.Pkcs to mitigate vulnerability in System.Formats.Asn1 - https://nvd.nist.gov/vuln/detail/CVE-2024-38095