-
Run synopsys-sig/detect-action@v0.3.0
with:
github-token: ***
detect-version: 7.9.0
scan-mode: RAPID
fail-on-all-policy-severities: false
detect-trust-cert: TRUE
env:
…
-
We routinely run Black Duck scans on our product to identify vulnerabilities or issues, whether they originate from third-party components or our own codebase. After upgrading to .NET 8 and using the …
-
BlackDuck scan reports vulnerabilities in the PCRE2 component. This component is reference by Microsoft.Azure.Cosmos.ServiceInterop.dll
The version of Microsoft.Azure.Cosmos.ServiceInterop.dll is 2.1…
-
Hi Team,
I've run BlackDuck scan on registry 3.0.0-beta.1 image and found that below 3 vulnerability is mentioned on it.
These 2 vulnerability on busybox (CVE-2022-48174, CVE-2023-39810)
…
-
Right now there's a scary "1/10 (high risk)" reported by BlackDuck for our project. We should really see what we can do to remedy this. It might not be possible for all dependencies, but in those case…
-
I would like to set `detect.blackduck.rapid.compare.mode=ALL` via the environment variable `DETECT_BLACKDUCK_RAPID_COMPARE_MODE`. This is not possible - quite in contrast to the README I must say - b…
-
INFO 61723 --- [blackduck.installer.Application : Try #29 (elapsed: 00:14:00.363)...not done yet, waiting 30 seconds and trying again...
INFO 61723 --- [blackduck.installer.Application : Coul…
-
As ORT is an orchestrator, it should allow to configure BlackDuck as scanner where code snippet can be scanned and result can be stored in ORT backend storage i.e. PostgreSQL
High Level Considerati…
-
We are using Running GitHub enterprise in an air gapped environment. We have sync'd the synopsys-action into our environment and downloaded the bridge executable to the runner. When the SYNOPSYS_BRID…
-
*Title:* immer : < 9.0.6 - Prototype Pollution in immer
*File:* public/package-lock.json
https://qa.armorcode.ai/#/findings/6303727
*Title:* CVE-2019-16942 : com.fasterxml.jackson.core_jackson-databi…