The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
I think we should rename the data/ directory to be mismatch_data/ to avoid confusion, especially if the mismatch utility might be re-used in projects that might have other directories named data.
I can't really think of any reason to stick with just data/ except that it'll take some work to fix it. I do think we should stick with whatever we choose after 3.4 is fully released, though, so if we're going to make the change it should be now.
I think we should rename the
data/directory to bemismatch_data/to avoid confusion, especially if the mismatch utility might be re-used in projects that might have other directories named data.I can't really think of any reason to stick with just
data/except that it'll take some work to fix it. I do think we should stick with whatever we choose after 3.4 is fully released, though, so if we're going to make the change it should be now.