mirror of
https://github.com/ysoftdevs/DependencyCheck.git
synced 2026-01-16 08:36:55 +01:00
This bug was discovered when scanning Ruby applications and getting back `-1` CVSS. This turns out to be a problem with the bundle-audit CVE database. Our solution was to use the NVD database, which dependency check uses to get the CVSS scores for Ruby only if the Criticality is missing from bundle-audit output. Keep in mind there are compilation errors with the commit atm.
Fixes #485
Signed-off-by: Gabriel Ramirez <gabriel.e.ramirez@gmail.com>
Dependency-Check-Core
Dependency-Check-Core is the main engine used by all of the other modules to do the analysis and reporting.
Mailing List
Subscribe: dependency-check+subscribe@googlegroups.com
Post: dependency-check@googlegroups.com
Archive: google group
Copyright & License
Dependency-Check is Copyright (c) 2012-2014 Jeremy Long. All Rights Reserved.
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the LICENSE.txt file for the full license.
Dependency-Check makes use of several other open source libraries. Please see the NOTICE.txt file for more information.