-
-
## Description
Hello,
I am working on trying to use the API to retrieve impacted CPEs for a cve. The API v1 docs indicate that the CPE details should be available, as well as looking within the UI…
-
From https://github.com/CVEProject/cve-schema/releases/tag/v5.1.1-rc2:
> The syntax and format of the cpeApplicability block matches that used by the NIST NVD CVE API JSON v2.0 schema (configuratio…
-
### Describe the bug
Apparently, the flash drive is not powered. If I connect it via a USB HUB with external power, then it seems to be detected for a couple of seconds. I tried to turn on the GPIO p…
-
**What happened**:
Hello!
I've scanned an image using grype 0.84.0, and received the below CVE.
The problem is, that my package is version 17.0.2, and in the fixed versions some of the versions doe…
-
**What happened**:
I generated a filesystem SBOM with `syft scan dir:/ -o cyclonedx-json=/tmp/syft-scan.json` and checked generated JSON.
Multiple components were found for a unique linux image.…
-
Since I implemented basic CPE recently, here I will track which extensions support I implemented, which ones are on my priority, etc.
Currently I have implemented:
- CPE handshake (may need improvem…
-
IPv6 GUA is not assigned to WAN interface on boot anymore. I have to restart `dhcpcd` for it to succeed. Even more annoying is that my ISP requires IA_NA for IA_PD to work; so not only do I not get a …
-
This blog post from Anchore states to stop matching with CPEs: https://anchore.com/blog/say-goodbye-to-false-positives/
However the [default configuration settings](https://github.com/anchore/grype…
-
Support CPE for the "affected" array:
https://cveproject.github.io/cve-schema/schema/v5.0/docs/#oneOf_i0_containers_cna_affected_items_cpes
This issue is only to support syntactically correct CP…