Joydeep Tripathy

Added checker for Google Chrome as I saw it missing in the checker list

feat: added debian parser

31

closes #2917

feat: checker-experiment

3

This experiment is an extension of the CI-Pre-Checker github action. https://github.com/intel/cve-bin-tool/pull/3840 This script aims to print any and all the checkers which have {product,version} pairs in their VENDOR_PRODUCT which do...

feat: add unblob based tarfile extractor

5

Following the discussion on https://github.com/intel/cve-bin-tool/issues/3841 , I propose that we should add a [unblob](https://github.com/onekey-sec/unblob) based tarfile extractor, since the 'tarfile' library is vulnerable to path traversal, and thus has a...

feat: Added CI-PRE-CHECKER for VENDOR_PRODUCT

12

Closes #3628

feat: add fuzzer for Dart Parser

1

### Description cve-bin-tool has an [existing fuzz testing setup](https://github.com/intel/cve-bin-tool/tree/main/fuzz) which is based on Google Atheris. One of the areas it doesn't yet cover is the files used by the language...

feat: Add fuzzer to Debian Parser

1

### Description cve-bin-tool has an [existing fuzz testing setup](https://github.com/intel/cve-bin-tool/tree/main/fuzz) which is based on Google Atheris. One of the areas it doesn't yet cover is the files used by the language...

discussion: bandit linter showing high severity_score for tarfile library

7

In my recent commit to my PR https://github.com/intel/cve-bin-tool/pull/3543 bandit linter shows that the used library **tarfile** has high severity_score. However, I went through all the documentations of the repo and...

fix: TypeError in fuzz_python_requirement_parser in fuzzing reports

3

Related #4045 Related to fuzzing run https://github.com/intel/cve-bin-tool/actions/runs/8595897802. 

fix: TypeError in fuzz_pubspec_lock.py

3

Related #4045