Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency tracker won't detect some vulnerability #4488

Open
mehrdad2000 opened this issue Dec 21, 2024 · 1 comment
Open

Dependency tracker won't detect some vulnerability #4488

mehrdad2000 opened this issue Dec 21, 2024 · 1 comment
Labels
defect Something isn't working in triage

Comments

@mehrdad2000
Copy link

mehrdad2000 commented Dec 21, 2024
edited
Loading

Hi, I have 3 vulnerabilities that when scanned with Trivy in cli detect and show correctly, but when I upload the result into the dependency tracker either with Trivy or cyclonedx won’t show in the dependency tracker.

Here it is:
CVE-2021-22570
CVE-2023-5236
CVE-2023-5384

FYI: I’ve checked all of them seem to exist in NVD, and the database updated correctly.
Any idea?

DT version: 4.12.2
@mehrdad2000 mehrdad2000 added defect Something isn't working in triage labels Dec 21, 2024
@valentijnscholten
Copy link
Contributor

Can you provide the SBOM or CPE/PURL used in the SBOM you're uploading.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
defect Something isn't working in triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@valentijnscholten @mehrdad2000