You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Similiar to #4843 : Some CVEs are not reported to NVD or are added very late.
We previously used to scan for CVEs only using the NVD database, but a lot of our customers used the OSS index and fairly frequently reported some CVEs back to us that our scan failed to pick up due to it missing in the NVD database. Since then we have changed our CVE scans to use both databases and have not had that issue since.
Since we are now moving our projects to Github and would love to use Dependabot it would be great to not have that issue come back up again.
The text was updated successfully, but these errors were encountered:
Similiar to #4843 : Some CVEs are not reported to NVD or are added very late.
We previously used to scan for CVEs only using the NVD database, but a lot of our customers used the OSS index and fairly frequently reported some CVEs back to us that our scan failed to pick up due to it missing in the NVD database. Since then we have changed our CVE scans to use both databases and have not had that issue since.
Since we are now moving our projects to Github and would love to use Dependabot it would be great to not have that issue come back up again.
The text was updated successfully, but these errors were encountered: