Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up VEX to eliminate false-positives from vulnerability scanning tool results #1576

Open
AkihiroSuda opened this issue Dec 1, 2022 · 3 comments
Open

Set up VEX to eliminate false-positives from vulnerability scanning tool results #1576

AkihiroSuda opened this issue Dec 1, 2022 · 3 comments
Labels
area/project documentation Improvements or additions to documentation expert

Comments

@AkihiroSuda
Copy link
Member

e.g., https://github.com/CycloneDX/bom-examples/tree/master/VEX/Use-Cases/Case-4

For false positives like:
@AkihiroSuda AkihiroSuda added documentation Improvements or additions to documentation area/project expert labels Dec 1, 2022
@its-sachink
Copy link

Thanks for explanation.

Regards,
Sachin. K.

@AkihiroSuda AkihiroSuda changed the title Set up VEX to eliminates false-positives from vulnerability scanning tools Set up VEX to eliminate false-positives from vulnerability scanning tool results Dec 2, 2022
@dims dims mentioned this issue Oct 23, 2023
Open
@dims
Copy link
Member

dims commented Oct 23, 2023

xref: kubernetes/kubernetes#121454

@ritazh
Copy link

ritazh commented Jun 27, 2024

xref: kubernetes/sig-security#116

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/project documentation Improvements or additions to documentation expert
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dims @ritazh @AkihiroSuda @its-sachink