-
First, I scanned a particular JSON file using the command below. This JSON file contains two versions of openssl (1.0.2u, 1.1.1f).
"cve-bin-tool --sbom spdx --sbom-file -f csv -o cve-bin-tool_sbomsc…
-
Not sure if it's a bug or by design
Got an error when updating to .NET 9 Preview 6, I use `true` for my project
```
error NU1903: Warning As Error: Package 'System.Formats.Asn1' 6.0.0 has a kno…
```
-
**Describe the bug**
While scanning my node.js application's manifest file using Vulert.com for vulnerability checks, I identified an issue associated with your package.
**Reference**
Upon conduc…
-
### What happened?
Our scanning jobs have identified a new CVE "[CVE-2024-24791](https://www.cve.org/CVERecord?id=CVE-2024-24791)" in pulumi 3.122.0. This is an issue with the Go standard library…
-
**Describe the bug**
High severity CVE
**How To Reproduce**
https://github.com/aquasecurity/trivy detected this CVE
**Expected Behavior**
using Go version without CVE
**Actual Behavior**…
-
```
root@stonetest:~# trivy image openebs/linux-utils:latest
2022-07-06T13:42:52.215+0800 INFO Vulnerability scanning is enabled
2022-07-06T13:42:52.215+0800 INFO Secret scanning is enabled
2022-0…
```
-
### Your Feature Request
What is the recommendation for QUIC support now that OpenSSL 1.1.1 has reached end of life? I believe HAProxy's recommendation is to build HAProxy with QuicTLS 1.1.1 as OpenS…
-
#### What happened:
CVE in `registry.k8s.io/build-image/distroless-iptables:v0.5.3` image
```bash
➜ trivy image --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL registry.k8s.io/…
```
-
### PURL of wrongly matched component
pkg:maven/io.quarkus/quarkus-core@3.6.3?type=jar
### Depscan findings
`No oss vulnerabilities detected ✅`
but there should be https://github.com/advis…
-
Tracking issue for:
- [ ] https://github.com/Voornaamenachternaam/chachacrypt/security/code-scanning/74