CycloneDX BOM Repository Server Path Traversal Vulnerability
CycloneDX BOM Repository Server is a BOM repository server. It is used to distribute CycloneDX BOMs. A path traversal vulnerability exists in CycloneDX BOM Repository Server versions prior to 2.0.1, which stems from incorrect input validation leading to path traversal issues. An attacker can use...
Pip-Audit - Audits Python Environments And Dependency Trees For Known Vulnerabilities
pip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database https://github.com/pypa/advisory-db via the PyPI JSON API as a source of vulnerability reports. This project is developed by Trail of Bits with support from...