intel/cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
PythonGPL-3.0
Issues
- 0
fix: Incorrect validation of PURL string
#4420 opened by anthonyharrison - 19
micrium uC/Lib vulnerability causes cve-bin-tool to delete triage response data from triage input file
#4417 opened by tzirn - 0
feat: handle : in filenames better
#4401 opened by terriko - 8
- 3
fix: [Cannot connect to host]
#4414 opened by torabi12 - 0
test_ouput_cyclonedx is failing
#4402 opened by terriko - 2
feat: json2 schema & tests
#4324 opened by terriko - 4
fix: need cvss metrics parser update
#4370 opened by matthew-renodin-bh - 0
doc: Describe JSON2 file format for output
#4333 opened by anthonyharrison - 3
fix: Location in SBOM field shows local filepath instead of location in binary
#4396 opened by jananir640 - 2
bug: HTML report generator fails due to unknown severity
#4392 opened by stjen - 0
docs: update argument list for README/MANUAL
#4393 opened by terriko - 13
test: these may need to be fixed/re-enabled in future
#4243 opened by terriko - 0
feat: report CVEs against unknown versions
#4375 opened by terriko - 1
feat: Added my own checkers - count is 19K
#4372 opened by bakasur89 - 4
in CVE Tool 3.2.1, --report parameter is not generate report file when no CVE found. Same issue observe in 3.3
#4326 opened by zongtaol - 3
bug: Offline operation, sqlite checker attempts internet access and results in error
#4359 opened by bufferattack - 5
feat: "language" parser for Conan [ C/C++ ]
#4265 opened by mastersans - 0
refactor: mismatch directory name?
#4350 opened by terriko - 1
bug: error scanning apache-airflow requirements
#4355 opened by terriko - 1
test: move language scanner tests to longtests
#4322 opened by terriko - 0
fix: add docs/tests for mismatch utilty
#4323 opened by terriko - 1
docs: upgrading sphinx & myst-parser
#4311 opened by terriko - 0
fix: add def __str__(self): to parsers
#4328 opened by terriko - 2
fix: List of language parsers not reported
#4334 opened by anthonyharrison - 0
feat: improved scannning a python site-packages directory
#4330 opened by terriko - 1
- 0
- 1
ci: reduce tests run in short test jobs
#4315 opened by terriko - 1
- 0
test: improve performance on our slowest tests
#4321 opened by terriko - 1
ci: remove spelling words that are no longer needed
#4314 opened by terriko - 3
- 0
transition from pip install -e
#4313 opened by terriko - 0
ci: removing "old" csv-based scan?
#4294 opened by terriko - 1
fix: install into a Python 3.12 venv fails due to setuptools being a runtime dependency not just a dev dependency
#4282 opened by cpswan - 0
Refactor: mismatch/purl generation calls in parsers
#4288 opened by terriko - 3
cve-bin-tool.readthedocs.io documentation is broken
#4281 opened by kartben - 0
feat: Add support for CVSSv4
#4238 opened by anthonyharrison - 0
ci: extend cached job to try mirror?
#4240 opened by terriko - 1
SBOM generation down?
#4258 opened by terriko - 1
test: improve coverage of tool (meta-issue)
#4257 opened by mastersans - 0
test: improve coverage for data_sources
#4256 opened by mastersans - 0
test: improve coverage for output_engine
#4255 opened by mastersans - 0
refactor: cvedb.py schema checks
#4242 opened by terriko - 2
ci: check access for purl2cpe database
#4216 opened by terriko - 2
ci: Copyright + SPDX license header checker
#4219 opened by terriko - 0
bug: 0 cve html report
#4221 opened by terriko - 1
gsutil error
#4220 opened by terriko - 0
feat: allow refresh of only one data source
#4205 opened by terriko