-
I tried using osv-scanner with the latest available docker image and a CycloneDX SBOM using the following command
```
~/test/osv$ docker run -it -v ${PWD}:/src ghcr.io/google/osv-scanner --sbom=/src…
```
-
This issue was imported from JIRA:
| Field | Value |
| ---------------------------------- | --------------------------…
-
Vulnerable Library - spring-web-5.2.22.RELEASE.jar
Spring Web
Library home page: https://spring.io/projects/spring-framework
Path to dependency file: /adapters/hibernate/pom.xml
Path to vulnerable l…
-
Automated Pentest Recon Scanner: Sn1per
https://github.com/1N3/Sn1per
![Sn1per Logo](https://s3.amazonaws.com/cp-s3/wp-content/uploads/2015/09/08085429/cautionsniper.jpg)
Automated Pentest Recon …
-
from @ewels
Seeing more and more people ask about SBOM documents for pipelines / containers (software bill of materials). It looks like Trivy can generate SBOMs. Is this something that we could get …
-
Vulnerable Library - antisamy-1.5.3.jar
The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML
and CSS without exposing the site to XSS vulnera…
-
**Description**
Hey there, love this tool, I have some ideas/additions which I would build myself if I only had the time.... :
- The Nuclei tool is run with default setting of stopping a scan of a…
-
Reported by hlee@indeed.com, Nov 13, 2012
Rapid7's Nexpose and Metasploit tools are widely used, and should be incorporated into ThreadFix.
-
## CVE-2020-13959 - Medium Severity Vulnerability
Vulnerable Library - velocity-tools-2.0.jar
VelocityTools is an integrated collection of Velocity subprojects
with the common goal of creati…