cve-bin-tool
cve-bin-tool copied to clipboard
intel
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or...
When you specify a bill of materials/csv/json file where cve-bin-tool is expecting a binary, we have code that makes it "do the right thing" and switch to -i to attempt...
root is set to filename and filename is set to " - " since https://github.com/intel/cve-bin-tool/commit/a8d9eebbf109448e13a734eadeda1d3f04a3b194 which seems completely wrong: ``` ╭─────────────────╮ │ NewFound CVEs │ ╰─────────────────╯ ┏━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━━━━━━┓ ┃ Vendor ┃...
The default access to the NVD database is now to use the NVD API using a NVD API Key. However, if no API Key is specified or discovered using the...
The check for the latest schema is not performed if the `--update never` option is set. This means that an exception will be raised if using an old database schema.
Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot] avatar"){kind=avatar}
Currently we use Bootstrap CSS v4.5.0 and to upgrade to v5.x we want to make changes (different attributes or class names?) in the HTML files to get the report generated...
Right now we use cve-bin-tool to scan the main requirements.txt file and a few others. We've recently moved a bunch of the development requirements into dev-requirements.txt so they're no longer...
Related: * #1768 It looks like the script that adds new checkers into the docs is not running as expected in CI. The yml for it is here: https://github.com/intel/cve-bin-tool/blob/main/.github/workflows/formatting.yml
Filenames with a .bin extension are typically firmware images but are currently ignored because they are not a valid archive or supported extraction type. However they can be readily extracted...
We currently maintain two .csv files for scanning components needed or included by cve-bin-tool. Now that we have sbom support, we might want to consider providing an actual SBOM both...