-
Dear all,
We are trying to add vulnerability lookup as part of a docker image (based on registry.access.redhat.com/ubi9:9.4). The installation works until the step in which
`poetry run start`
…
-
Overall idea (open to discussion):
- Importing CWE and CAPEC as a kind of source (like KEV) to allow expanding CWE and CAPEC from the vulnerability when these have a reference to CWE and CAPEC. (At…
-
Trying to scan a local repository with the following command:
**dependency-check.bat --project "EPG" --nvdApiKey xxx --scan "C:\Users\xxx\Documents\WORK\Repos\xxx-sps_epg-body-616e81a81488\xxx-sps…
-
We need to inform users about the repo location change. Here is a checklist:
- [x] csaf-announcements
GitHub repos: Identified via [Search](https://github.com/search?q=csaf-poc%2Fcsaf_distributi…
-
**Is your feature request related to a problem?**
OpenSearch users want an easy way to enrich the data they have stored in OpenSearch and external data sources using content from an OpenSearch index.…
-
Hi, I have scanned a firmware using the cve lookup plugin, but it seems that the CVE vulnerabilities in the list do not match the actual version. For example, my openssl version is 1.0.2u, why CVE-1999-0…
-
**Affected Version**
The latest version 2.3.2 and below.
**Describe the vulnerability**
There is a method, `org.quartz.jobs.ee.jms.SendQueueMessageJob.execute(JobExecutionContext)`, designed to s…
-
I ran vulnhuntr on https://github.com/ahmedkhlief/Ninja to see its analysis of a known AFO there:
`poetry run vulnhuntr -l claude -r /home/abc/Downloads/Ninja/ -v`
I get the following traceback…
-
## Describe the bug
I am using the Terraform resource prismacloudcompute_ci_image_vulnerability_policy to provision CI image vulnerability rules; however, it's not working correctly with loop.
## Expecte…
-
Impacted component: quay.io/niklaushirt/rs-load
Additional details
--------------------
The CVE-2021-44228, also known as "Log4j 2 Remote Code Execution Vulnerability," is a critical security flaw in…