Skip to content

Issues: owasp-dep-scan/dep-scan

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

64 Open 109 Closed
64 Open 109 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

False-Positive: MAL-2024-4696 found on Microsoft Webview false-positive A wrongly identified vulnerability
#385 opened Jan 28, 2025 by Geertkok1
@prabhu @cerrussell
4
Feature: Add a more descriptive message on reports if no vulnerabilities have been found bug Something isn't working
#384 opened Jan 8, 2025 by Forgh
1
Bug: CVSS v4 support requires cvss package 3.0 or later bug Something isn't working
#383 opened Dec 24, 2024 by anthonyharrison
3
Trim properties in VDR enhancement New feature or request good first issue Good for newcomers
#362 opened Nov 2, 2024 by prabhu
Question about direct and transitive dependencies
#357 opened Oct 11, 2024 by almaz045
1
False-Positive: Receiving findings for lodash@4.17.21 false-positive A wrongly identified vulnerability
#353 opened Sep 27, 2024 by harshit-kochar
4
Feature: Adding insight in json report enhancement New feature or request
#352 opened Sep 26, 2024 by Ali-Yazdani
3
Doesn't download dep scan bug Something isn't working
#348 opened Sep 13, 2024 by itsarraj
1
Feature: Adding custom feeds to the database enhancement New feature or request
#336 opened Aug 21, 2024 by Nadir-CS
3
Bug: Error when scanning Gradle Project bug Something isn't working
#326 opened Jul 10, 2024 by aydinnyunus
1
Feature: Please consider adopting OpenSSF Scorecard enhancement New feature or request
#324 opened Jul 9, 2024 by andrewpollock
1
Bug: Missing JSON report when running as Dockerized bug Something isn't working
#318 opened Jun 28, 2024 by kaiorafael
2
CVE-2019-18413 flagged as critical data-quality
#316 opened Jun 21, 2024 by prabhu
1
False-Positive: CVE-2022-24304 rejected by NVD data-quality
#315 opened Jun 21, 2024 by prabhu
Golang binaries are not scanned from within containers enhancement New feature or request
#314 opened Jun 13, 2024 by lm-sig
1
[docs] Lessons for analyzing common vulnerable repos
#312 opened Jun 6, 2024 by prabhu
Bug: Empty reachability report bug Something isn't working
#310 opened Jun 4, 2024 by zhcoden
1
[v6] choices for reachability analysis
#307 opened May 23, 2024 by prabhu
[risk-audit] Detect use of Trusted publisher
#301 opened Apr 23, 2024 by prabhu
Bug: Reachability scan fails bug Something isn't working
#300 opened Apr 22, 2024 by sjpritchard
3
cargo:http is yielding a lot of false positives
#299 opened Apr 17, 2024 by prabhu
False-Positive: I raised the topic on discord. I compared the DT, Depscan, and Grype analyzers. The results are presented in the table. I think it will be useful for correcting the quality of the analysis. false-positive A wrongly identified vulnerability needs-contributor
#290 opened Apr 4, 2024 by almaz045
1
False-Positive: CVE-2021-39913 false-positive A wrongly identified vulnerability
#286 opened Apr 3, 2024 by almaz045
7
Feature: VDB update frequency information enhancement New feature or request
#280 opened Mar 21, 2024 by johennin
2
[v6] Prefer xz vdb over rafs breaking
#279 opened Mar 19, 2024 by prabhu
ProTip! Mix and match filters to narrow down what you’re looking for.