-
we got vulnerabilty again two library installed through jar file. details:
1)
io.netty:netty-codec
usr/share/elasticsearch/modules/transport-netty4/netty-codec-4.1.49.Final.jar CVE-2021-37136
…
-
### Actual Behavior
Scanning images from the RD UI seems not to show any vulnerabilties of the application parts in the image.
When i run the scan within WSL i do get a complete list of vulnerabilit…
-
### Bug report
webpack-dev-server@3.11.3 has dependency to old chokidar version 2.1.8 which has dependency to glob-parent@3.1.0 which has a high vulnerabilty
### Actual Behavior
i'm using A…
-
Hello,
Im trying to utilize amazon linux 2 os vulnerability scanning and Im getting the error `wazuh-modulesd WARNING Invalid provider name: 'alas'`. Im using wazuh 4.2.2 and you can see the confi…
-
What would be the right contact to report a security vulnerabilty? thanks!
haby0 updated
2 years ago
-
Hi
This commit does not fix the vulnerabilty
https://github.com/Graylog2/graylog-docker/commit/82fec0094bc98aedd59e5f6538d819178ff77056
From: https://logging.apache.org/log4j/2.x/security.html …
-
**What would you like to be added**:
Having a CI script like the previous [inline_scan](https://engine.anchore.io/docs/usage/integration/ci_cd/inline_scanning/) one, that performs a Grype scan and up…
-
After running the OWASP Dependency check against our components, reporting vulnerabilties :
```text
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:5.3.2:aggregate ...... :
[ERROR]…
-
It would be nice to be able to disable specific bandit test numbers, like:
def mybadfunction(token='notreallyasecret'): # no-sec-b900
-
I got error message while scan image type script using node10 alpine base image.
action runner is Ubuntu 20.04
I also try using trivy command on my local machine(mac) to scan this image but not foun…