-
The golang bookworm base image has some CVEs that may require resolving, I find these CVEs are common occurrence with many core Kubernentes containers such as Velero, External-DNS and Cert-Manager. Is…
-
### What is your question?
Hi,
I've noticed that stb package contains components that have their own versions. And some of them might even have security vulnerabilities. Example: stb_image
https:…
-
### PURL of wrongly matched component
[stats-github.ods](https://github.com/owasp-dep-scan/dep-scan/files/14874571/stats-github.ods)
[depscan-bom.json](https://github.com/owasp-dep-scan/dep-scan/f…
-
### Describe the bug
@loopback/rest triggers a critical security vulnerability due to strong-error-handler's dependency on [ejs](https://github.com/mde/ejs).
The vulnerability is currently [disput…
-
Our security team is flagging the current Datadog agent build for 3 High Severity CVEs that have been addressed in the cpe:2.3:a:postgresql:postgresql, Version: 10.19 library.
Our corporate policy…
-
It is useful to give the user the possibility to create a sample of networks with random number of nodes, in particular: **N_1,N_2,...,N_{sample_size} iid Poisson(num_vertices)**.
-
Hi,
Do you have plan to upgrade the golang version to 1.21.2+ (currently the grpcurl 1.8.9 is built on top of golang 1.21.1)? In our security scanning, we get a Critical issue in 1.21.1 ([CVE-2023-…
-
When "mvn org.owasp:dependency-check-maven:3.3.1:check" command is run an error appears:
[ERROR] IO Exception connecting to https://artifactory/2.0/nvdcve-2.0-2004.xml.gz: HEAD request returned a n…
-
### Package URl
pkg:npm/mongodb@5.9.2
### CPE
`cpe:2.3:a:mongodb:mongodb:5.9.2:*:*:*:*:*:*:*`
### CVE
CVE-2014-8180
### ODC Integration
{"label"=>"Gradle Plugin"}
### ODC Version
9.0.5
### D…
-
After upgrading from 1.4 to 1.6.1 i know get a rebase issue when pushing the index.
I do not have any un pushed changes.
I went so far removing the repo locally and cloning it from scarch and tryi…