-
i'm using the google-distance-matrix npm package. i'm getting vulnerability alerts because of the qs version and mocha version.
I [tried with newer versions](https://github.com/hdrodel/qs-google-sig…
-
Hello,
Does the connector support new vulnerability-detection in wazuh?
The latest Wazuh release creates new wazuh-states-vulnerabilities* index to which it generates findings, and the older vul…
-
I think this API is missing: https://developer.github.com/v3/repos/#enable-vulnerability-alerts
Would be cool to implement it.
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| 4.8.0 | ? | Manager | docker | – |
In the old vulnerability detector, the alert rules 23502–23507 were creat…
misje updated
2 weeks ago
-
When building a Docker image using this package, and then performing a Trivy scan on it, it reports HIGH vulnerability errors due to the private keys in the `certs` dir that are used for testing purpo…
-
## Proposed Change
Resolving [high severity vulnerability alerts](https://github.com/department-of-veterans-affairs/va-mobile-app/security/dependabot) from Dependabot by upgrading the necessary pac…
-
Most package managers have a *-audit tool: pip-audit, cargo-audit, npm-audit, etc. that pull security advisories from public databases (OSV, CVEs, package-specific databases, etc)
Dependabot and reno…
-
|Wazuh version|Component|
|---|---|
| 4.8.0-1| Wazuh Manager |
## Description
It seems that Wazuh 4.8.0 has removed the Vulnerability API endpoint (https://server/:PORT/vulnerability/) -- e.g.…
-
Hello,
The Security SIG is looking to ensure that security tooling is setup consistently across the organization. As a result, we're asking maintainers to ensure the following tools are enabled in ea…
-
## Description
This issue aims to for fields that lack values (score.base, score.version, severity, classification), automatically assign a hyphen (-) as a placeholder.
**Note: depending on the field…