-
I think this package could have an option that would ignore vulnerabilities that don't have a patch.
example:
```
Low: Prototype Pollution
Package: lodash
Patched in: No patch available
Dependen…
```
-
What would be the right contact to report a security vulnerability? thanks!
haby0 updated
2 years ago
-
Hi folks,
Can I ask if this project uses log4J? If so, it might need a version bump; https://www.lunasec.io/docs/blog/log4j-zero-day/
cheers
John
kript updated
2 years ago
-
It's common to have test in Maven pom.xml files to include dependencies needed only for testing. At the moment, Trivy detects these and reports any vulnerabilities found, even though the corresponding…
-
How to reproduce: Switch to branch "release-1.4" and then run `npm audit`
```
=== npm audit security report ===
┌───────────────┬──────────────────────────────────────────────────────────…
```
-
Hello,
First, thank you for the great tools you provide. I used it on a lot of projects and it's really useful.
I have a question: do you have a plugin or a way to declare an internally develo…
-
We have been seeing this error more and more lately and we wonder if this is related to the action or is GitHub infra. Any suggestion would be greatly appreciated.
```
Scanning for vulnerabilties …
```
-
Getting vulnerability - Need fix. Scan is done via AquaSec for the docker image.
RHSA-2021:4374
RHSA-2021:4358
RHSA-2021:4464
RHSA-2021:4595
RHSA-2021:4587
RHSA-2021:4382
RHSA-2021:4059
RHSA-2…