-
# Feature request
## Description
[Wazuh](https://wazuh.com/) is the upgraded fork of OSSEC; from what I hear OSSEC HIDS themselves have even started recommending it instead. It is being more act…
ageis updated
4 years ago
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/5788
Originally posted by **LesSyner** December 15, 2023
### Description
Trivy sometimes reports the same CVE for te same …
-
# What did you do? (required. The issue will be **closed** when not provided.)
I fetched latest oval of sles 15
used vuls to scan sles 15.3
# What did you expect to happen?
I expected to see CVE…
-
A scan shows 6 high CVEs for version 0.8.17. This issue to request when might these get fixed.
```
./trivy image --severity LOW,MEDIUM,HIGH,CRITICAL --ignore-unfixed --exit-code 3 --exit-on-eol 7…
-
## 关于XML解析存在的安全问题指引
https://pay.weixin.qq.com/wiki/doc/api/jsapi.php?chapter=23_5
微信支付商户,最近暴露的XML外部实体注入漏洞(`XML External Entity Injection`,简称 XXE),该安全问题是 **由XML组件默认没有禁用外部实体引用导致** ,非微信支付系统存在漏洞。
…
-
Hi OpenJS friends 👋 we'll be joining your Security WG meeting this upcoming Monday, October 2, to discuss the below idea, but please feel free to comment with feedback at any point! We're hoping to be…
-
For reference do checkout this.
Related: [cve-bin-tool issue 4058](https://github.com/intel/cve-bin-tool/issues/4058)
while scanning a spdx sbom file in json format containing two different versi…
-
## Description
The twistlock instance is responding to ssm commands with InProgress and then failing to run the scan. The instance itself also eventually reports that the 'Instance reachability che…
-
GSoC 2024 has been officially announced and the schedule is up here:
https://developers.google.com/open-source/gsoc/timeline
We'll want to have some _viable_ ideas nailed down around the end of Ja…
-
https://osv.dev/vulnerability/DSA-5532-1