tzirn

micrium uC/Lib vulnerability causes cve-bin-tool to delete triage response data from triage input file

48

### Description cve-bin-tool deletes triage analysis/response to micrium uC/Lib vulnerability. We have micrium uC/Lib listed in our CSV SBOM and there is 1 vulnerability for micrium uC/lib. cve-bin-tool finds it...

cve-bin-tool v3.4 "published" and "updated" values

14

### Description v3.4 of the tool and have parameters to tell it to make a new json/vex file. The published and updated values it puts in for each CVE found...

cve-bin-tool v3.4 doesnt handle exploitable / requires_environment correctly

1

### Description when the input vex/json triage file has an analysis of state=exploitable and justification=requires_environment the tool doesnt handle the update of the "details" field correctly. in 3.3 for all...

v3.4 excludes micro-ecc when version is "1" instead of "1.0" which worked in 3.3

1

### Description @terriko requested I open a new bug report: in v3.4 of this tool when the micro-ecc version is set at 1 in the SBOM CSV file (because Excel...