Shachar Menashe
Shachar Menashe
Where should security issues be reported to?
Hello maintainers, Is there a mailing list or something similar where security issues be reported? Don't want to report here since it will be completely public
Add support for applicability scanning of indirect (transitive) CVEs. This is done by sending a separate list of detected indirect CVEs (indirect-cve-whitelist) to the applicability scanner YAML configuration file. Also...
### Describe the bug When running `jf audit`, the JFrog CLI will show an `Undetermined` result for vulnerabilities that do not have a CVE ID (only have an XRAY ID),...