Release CVE Binary Tool 3.3rc3 pre-release · intel/cve-bin-tool

Assorted bugfixes, new checkers, and improvements (see details below). This may be the last pre-release before 3.3 if we don't find any additional issues.

BREAKING CHANGE: Windows users will now have to use python 3.12 if they intend to scan tarfiles.

What's Changed

fix: java parser failing to match vendor on product without '-' by @bcieszko in #2961
feat(checker): New checker request - GNU emacs by @bcieszko in #2941
chore: update SBOM for Python 3.7 by @github-actions in #3025
chore: update SBOM for Python 3.10 by @github-actions in #3024
chore: update SBOM for Python 3.9 by @github-actions in #3023
chore: update SBOM for Python 3.8 by @github-actions in #3022
chore: update SBOM for Python 3.11 by @github-actions in #3021
[StepSecurity] Apply security best practices by @step-security-bot in #3031
fix: Enhance SBOM docs (fixes #2922) by @offsake in #3029
ci: adjust dependabot config to limit false positives by @terriko in #3033
chore: update checkers table by @github-actions in #3026
chore: bump to dev version 3.2.2dev0 by @terriko in #3019
chore(deps): bump actions/dependency-review-action from 2.5.1 to 3.0.4 by @dependabot in #3034
chore: update SBOM for Python 3.7 by @github-actions in #3040
chore: update SBOM for Python 3.8 by @github-actions in #3039
chore: update SBOM for Python 3.9 by @github-actions in #3038
chore: update SBOM for Python 3.11 by @github-actions in #3037
chore: update SBOM for Python 3.10 by @github-actions in #3036
feat(checker): add mini_httpd checker by @ffontaine in #3020
feat(checker): add libmicrohttpd checker by @ffontaine in #3014
ci: fix dependabot config by @terriko in #3041
chore: update pre-commit config by @github-actions in #2968
feat(checker): add cpio checker by @ffontaine in #3013
ci: Harden GitHub Actions [StepSecurity] by @step-security-bot in #3043
feat(checker): add sngrep checker by @ffontaine in #3035
feat(checker): add fluidsynth checker by @ffontaine in #3012
feat(checker): add pixman checker by @ffontaine in #3010
feat(checker): add ldns checker by @ffontaine in #3004
feat(checker): add gzip checker by @ffontaine in #2998
chore: update checkers table by @github-actions in #3044
ci: Dependabot "duplicated" lines and ignore "*" by @terriko in #3045
chore(deps): bump github/codeql-action from 2.1.27 to 2.3.5 by @dependabot in #3049
chore(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in #3051
chore(deps): bump actions/checkout from 3.1.0 to 3.5.2 by @dependabot in #3050
chore: update pre-commit config by @github-actions in #3048
ci: pin dependency-review linux, fix dependabot by @terriko in #3055
feat(checker): add gdk-pixbuf checker by @ffontaine in #3011
feat(checker): add libtasn1 checker by @ffontaine in #3000
feat(checker): add dmidecode checker by @ffontaine in #2997
feat(checker): add libgd checker by @ffontaine in #2978
feat: merged report content change and comments added in html reports by @gvozzolo in #2913
feat: add support for pgp signing (#2577) by @b31ngd3v in #2882
chore: update checkers table by @github-actions in #3061
chore: update SBOM for Python 3.8 by @github-actions in #3070
chore: update SBOM for Python 3.7 by @github-actions in #3069
chore: update SBOM for Python 3.10 by @github-actions in #3068
chore: update SBOM for Python 3.9 by @github-actions in #3067
chore: update SBOM for Python 3.11 by @github-actions in #3066
ci: up timeouts on short and long tests by @terriko in #3072
feat(checker): add udisks checker by @ffontaine in #2999
feat(scanner): slight update in version display by @ffontaine in #3063
feat(checker): add readline checker by @ffontaine in #2976
feat(checker): add ntfs-3g checker by @ffontaine in #2973
feat(checker): add ngircd checker by @ffontaine in #3003
feat(checker): add libmodbus checker by @ffontaine in #3002
feat(checker): add coreutils checker by @ffontaine in #3001
fix: improve openssl checker by @ffontaine in #2987
chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @dependabot in #3052
chore: update SBOM for Python 3.8 by @github-actions in #3082
fix: root file path of vulnerable component is missing by @b31ngd3v in #3088
chore: update SBOM for Python 3.9 by @github-actions in #3081
chore: update SBOM for Python 3.10 by @github-actions in #3080
chore: update SBOM for Python 3.11 by @github-actions in #3079
chore: update SBOM for Python 3.7 by @github-actions in #3078
chore: update checkers table by @github-actions in #3073
chore(deps): bump step-security/harden-runner from 2.4.0 to 2.4.1 by @dependabot in #3090
chore(deps-dev): bump pre-commit from 3.3.2 to 3.3.3 by @dependabot in #3087
chore(deps): bump github/codeql-action from 2.3.5 to 2.20.0 by @dependabot in #3086
chore(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2 by @dependabot in #3085
chore(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #3084
fix: improve luajit checker by @ffontaine in #2993
fix: improve gimp checker by @ffontaine in #2992
ci: Automatically committing/suggesting linter fixes for PRs by @metabiswadeep in #3017
chore(deps): bump sphinx from 4.4.0 to 7.0.1 in /doc by @dependabot in #3056
fix: improve nghttp2 checker by @ffontaine in #2991
docs: adding database schema by @Rexbeast2 in #3097
chore(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in #3098
fix: fix xerces CPE ID by @ffontaine in #2932
docs: including doc in build by @Rexbeast2 in #3102
chore: update SBOM for Python 3.8 by @github-actions in #3111
chore: update SBOM for Python 3.11 by @github-actions in #3110
chore: update SBOM for Python 3.7 by @github-actions in #3109
chore: update SBOM for Python 3.10 by @github-actions in #3108
chore: update SBOM for Python 3.9 by @github-actions in #3107
fix: report is not generated when no CVEs detected (#3028) by @b31ngd3v in #3075
ci: dedeuplicate usage of codeql by @metabiswadeep in #3100
feat: adding epss data by @Rexbeast2 in #3104
feat: updating schema by @Rexbeast2 in #3106
chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3112
chore: removing support for Python3.7 by @Rexbeast2 in #2655
fix: fetch cves from mirror not working by @b31ngd3v in #3122
chore: update SBOM for Python 3.8 by @github-actions in #3126
chore: update SBOM for Python 3.9 by @github-actions in #3125
chore: update SBOM for Python 3.11 by @github-actions in #3124
chore: update SBOM for Python 3.10 by @github-actions in #3123
fix: improve dnsmasq checker by @ffontaine in #3121
chore: update pre-commit config by @github-actions in #3120
refactor: improve explanation of cve year parsing by @b31ngd3v in #3132
ci: set explicit permissions for coverity.yml by @terriko in #3060
docs: update openssf scorecard link in README.md by @yr1404 in #3129
chore(deps): bump github/codeql-action from 2.20.1 to 2.20.2 by @dependabot in #3127
chore: update SBOM for Python 3.9 by @github-actions in #3141
chore: update SBOM for Python 3.10 by @github-actions in #3140
chore: update SBOM for Python 3.8 by @github-actions in #3139
chore: update SBOM for Python 3.11 by @github-actions in #3138
feat: adding EPSS data by @Rexbeast2 in #3130
fix: Update SPDX Version handling by @anthonyharrison in #3137
fix: refactor insert queries by @Rexbeast2 in #3145
chore(deps): bump github/codeql-action from 2.20.2 to 2.20.3 by @dependabot in #3135
fix: Database records being lost (fixes #3150) by @anthonyharrison in #3151
chore(deps-dev): bump black from 23.3.0 to 23.7.0 by @dependabot in #3149
chore: exclude autobuild step by @chillerno1 in #3134
test: fix tests broken by improved data by @terriko in #3160
ci: extend cache timeout, disable failing test by @terriko in #3168
chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 by @dependabot in #3158
chore(deps): bump github/codeql-action from 2.20.3 to 2.21.0 by @dependabot in #3171
chore: Add new checker request issue template by @terriko in #3155
ci: add cve-bin-tool-action by @b31ngd3v in #3156
chore: SBOM updates july24 by @terriko in #3174
chore(deps): bump sphinx from 7.0.1 to 7.1.0 by @dependabot in #3176
chore(deps): bump step-security/harden-runner from 2.4.1 to 2.5.0 by @dependabot in #3175
feat: Populate cvss by @Rexbeast2 in #3147
chore(deps): bump sphinx from 7.1.0 to 7.1.1 in /doc by @dependabot in #3184
fix: import json flag by @b31ngd3v in #3192
chore(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in #3190
chore(deps-dev): bump flake8 from 6.0.0 to 6.1.0 by @dependabot in #3191
chore(deps): bump sphinx from 7.1.1 to 7.1.2 by @dependabot in #3195
feat: Add User-Agent for mirroring by @terriko in #3183
chore: update SBOM for Python 3.8 by @github-actions in #3189
chore: update SBOM for Python 3.9 by @github-actions in #3188
chore: update SBOM for Python 3.10 by @github-actions in #3187
chore: update SBOM for Python 3.11 by @github-actions in #3186
chore: update SBOM for Python 3.9 by @github-actions in #3206
chore: update SBOM for Python 3.10 by @github-actions in #3205
chore: update SBOM for Python 3.11 by @github-actions in #3204
chore: update SBOM for Python 3.8 by @github-actions in #3203
feat: Update queries by @Rexbeast2 in #3172
fix: update libksba CPE ID by @ffontaine in #3217
fix: update nodejs semver in test files to avoid warning by @terriko in #3207
feat: adding EPSS to console table by @Rexbeast2 in #3224
feat: Include EPSS in JSON and CSV output by @Rexbeast2 in #3211
chore(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @dependabot in #3218
chore(deps): bump step-security/harden-runner from 2.5.0 to 2.5.1 by @dependabot in #3226
chore(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.7 by @dependabot in #3227
feat(checker): add dav1d checker by @ffontaine in #3228
feat(checker): add libcoap checker by @ffontaine in #3229
feat(checker): add bwm-ng checker by @ffontaine in #3230
docs: change master to main in sample github action by @VishnuSanal in #3246
fix: enable gimp tests by @ffontaine in #3239
chore: Add additional issue templates by @terriko in #3236
fix: split curl and libcurl checkers by @ffontaine in #3238
chore: remove dependency on py by @terriko in #3235
feat: Adding epss into HTML output by @Rexbeast2 in #3234
docs: adding epss by @Rexbeast2 in #3233
feat: including metric table in Console by @Rexbeast2 in #3215
feat: include EPSS metrics in output PDF by @Rexbeast2 in #3213
fix: handling of product versions and vendor name guessing by @rhythmrx9 in #3225
fix: enable ceph tests by @ffontaine in #3251
chore: update SBOM for Python 3.8 by @github-actions in #3249
chore: update SBOM for Python 3.10 by @github-actions in #3248
chore: update SBOM for Python 3.11 by @github-actions in #3247
fix: ignore non-vulnerable CPEs from NVD CVEs by @gluesmith2021 in #3245
fix: fix typo in curl_source.py by @ffontaine in #3258
chore: update SBOM for Python 3.9 by @github-actions in #3250
fix: osv version parsing by @b31ngd3v in #3261
chore(deps): bump sphinx from 7.1.2 to 7.2.0 in /doc by @dependabot in #3263
chore(deps): bump actions/dependency-review-action from 3.0.7 to 3.0.8 by @dependabot in #3257
chore(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @dependabot in #3253
feat: enhance products with no identified vulnerabilities by @ffontaine in #3254
fix: blank path gets added when using triage_input_file option by @b31ngd3v in #3264
chore(deps): bump sphinx from 7.2.0 to 7.2.2 by @dependabot in #3266
fix: rename expat checker by @ffontaine in #3256
feat: epss percentile filter by @Rexbeast2 in #3244
docs: basic architecture by @Rexbeast2 in #3240
feat: use cveb.in mirror by default by @b31ngd3v in #3265
chore: update checkers table by @github-actions in #3237
chore: update SBOM for Python 3.8 by @github-actions in #3271
chore: update SBOM for Python 3.10 by @github-actions in #3270
chore: update SBOM for Python 3.11 by @github-actions in #3269
chore: update SBOM for Python 3.9 by @github-actions in #3268
fix: probability word spellling by @0o001 in #3274
ci: use cveb.in mirror in cve-bin-tool-action by @b31ngd3v in #3282
fix: spelling issue by @ffontaine in #3281
docs: cve-bin-tool-action links & instructions by @b31ngd3v in #3276
chore(deps): bump sphinx from 7.2.2 to 7.2.3 in /doc by @dependabot in #3280
feat: add CPE summary (without latest stable release) by @ffontaine in #3277
feat: adding EPSS probability filter by @Rexbeast2 in #3273
chore: update pre-commit and fix linter errors by @metabiswadeep in #3308
fix: fix products with no identified vulnerabilities by @ffontaine in #3300
feat: sort CPE summary by @ffontaine in #3316
chore: update pre-commit config by @github-actions in #3302
feat(checker): add GNU grep by @ffontaine in #3294
feat(checker): add terminology checker by @ffontaine in #3295
fix: add additional openssh CPE ID by @ffontaine in #3291
fix: add additional iperf3 CPE ID by @ffontaine in #3290
feat(checker): add ed checker by @ffontaine in #3296
chore: update SBOM for Python 3.10 by @github-actions in #3311
docs: updated version of cycloneDX #3272 by @kumaryogesh17 in #3285
feat(checker): add gdal checker by @ffontaine in #3297
chore: update SBOM for Python 3.9 by @github-actions in #3312
chore: update SBOM for Python 3.8 by @github-actions in #3310
chore: update SBOM for Python 3.11 by @github-actions in #3309
chore(deps-dev): bump pre-commit from 3.3.3 to 3.4.0 by @dependabot in #3314
ci: switch to a faster Black mirror by @Molkree in #3342
chore(deps): bump github/codeql-action from 2.21.4 to 2.21.7 by @dependabot in #3341
chore: update SBOM for Python 3.10 by @github-actions in #3346
chore: update SBOM for Python 3.9 by @github-actions in #3345
chore: update SBOM for Python 3.8 by @github-actions in #3344
chore: update SBOM for Python 3.11 by @github-actions in #3343
chore(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in #3319
chore(deps): bump actions/cache from 3.3.1 to 3.3.2 by @dependabot in #3320
chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3318
chore: update checkers table by @github-actions in #3324
fixed : #3347 by @r0ckYr in #3350
chore(deps): bump actions/checkout from 3.5.3 to 4.0.0 by @dependabot in #3315
feat(checker): add hwloc checker by @ffontaine in #3340
chore(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in #3352
chore: update checkers table by @github-actions in #3351
ci: Remove dependabot ignores by @terriko in #3348
feat(checker): add civetweb checker by @ffontaine in #3298
feat(checker): add qpdf checker by @ffontaine in #3299
feat(checker): add mpg123 checker by @ffontaine in #3301
feat(checker): add minetest checker by @ffontaine in #3303
feat(checker): add rpm checker by @ffontaine in #3304
feat(checker): add mupdf checker by @ffontaine in #3305
feat(checker): add axel checker by @ffontaine in #3306
feat(checker): add monit checker by @ffontaine in #3307
fix: mypy-errors in helper_script.py (#2763) by @Tengas in #2873
docs: specify docs build.os by @terriko in #3349
chore: update checkers table by @github-actions in #3354
chore(deps): bump sphinx from 7.2.3 to 7.2.6 in /doc by @dependabot in #3338
chore: update SBOM for Python 3.9 by @github-actions in #3358
chore: update SBOM for Python 3.10 by @github-actions in #3357
chore: update SBOM for Python 3.8 by @github-actions in #3356
chore: update SBOM for Python 3.11 by @github-actions in #3355
chore(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in #3363
chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #3359
feat(checker): extended BindChecker by @sw-sdiepold in #3353
test: improve flaky java language scanner test by @terriko in #3362
chore: update SBOM for Python 3.9 by @github-actions in #3371
chore: update SBOM for Python 3.11 by @github-actions in #3370
chore: update SBOM for Python 3.10 by @github-actions in #3369
chore: update SBOM for Python 3.8 by @github-actions in #3368
chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 by @dependabot in #3375
chore(deps): bump step-security/harden-runner from 2.5.1 to 2.6.0 by @dependabot in #3376
docs: Add missing docstrings fetch_json_db.py by @Niloth-p in #3381
Fix : add missing docstrings to package_list_parser.py #3377 by @Swarno-Coder in #3382
ci: add conditional execution for SBOM workflow on the main repository. by @rudrakshkarpe in #3389
feat: Add purl support for SBOMs by @anthonyharrison in #3373
chore: update SBOM for Python 3.9 by @github-actions in #3402
chore: update SBOM for Python 3.10 by @github-actions in #3401
chore: update SBOM for Python 3.8 by @github-actions in #3400
chore: update SBOM for Python 3.11 by @github-actions in #3399
feat(checker): add dosfstools by @sw-sdiepold in #3391
feat(checker): add debianutils by @sw-sdiepold in #3390
docs: add missing docstrings to cvedb.py by @reginareynolds in #3392
feat(checker): gawk checker by @sw-sdiepold in #3395
feat(checker): enhance e2fsprogs by @sw-sdiepold in #3396
feat(checker): add twonky_server by @ffontaine in #3408
chore(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3403
chore(deps): bump github/codeql-action from 2.21.9 to 2.22.1 by @dependabot in #3406
chore(deps): bump stefanzweifel/git-auto-commit-action from 4.16.0 to 5.0.0 by @dependabot in #3404
docs: add missing docstrings to cli.py by @bkpecho in #3387
docs: add missing docstrings to log.py #3383 by @NabhiA in #3388
fix: improve hostapd checker by @ffontaine in #3413
fix: improve tcpdump checker by @ffontaine in #3414
chore: update checkers table by @github-actions in #3411
feat: fuzz testing PythonRequirementsParser by @raffifu in #3397
fix: improve samba checker by @ffontaine in #3426
chore: update SBOM for Python 3.10 by @github-actions in #3424
chore: update SBOM for Python 3.8 by @github-actions in #3423
chore: update SBOM for Python 3.11 by @github-actions in #3421
chore: update SBOM for Python 3.9 by @github-actions in #3422
chore(deps): bump github/codeql-action from 2.22.1 to 2.22.3 by @dependabot in #3427
feat: add latest upstream stable version in CPE summary by @ffontaine in #3267
ci: Add condition to skip job when PR author is Bot by @raffifu in #3433
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3432
updating docstring with formatted with black. requesting new PR for version_scanner.py by @rabroldan in #3429
docs: streamline readme file and reorg docs by @terriko in #3438
ci: Remove unused update_database workflow by @raffifu in #3439
feat: fuzz testing for JavaScript language parser by @raffifu in #3440
fix: pre-commit-config file by @mastersans in #3441
fix: do not hardcode console width by @ffontaine in #3451
chore(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in #3450
docs: add missing docstrings to async_utils.py by @pranshu-raj-211 in #3442
feat: fuzz testing for GoModParser by @mastersans in #3434
test: add non-debian based test for dosfstools in #3444
chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3458
chore: update SBOM for Python 3.8 by @github-actions in #3449
fix: Consistency of EPSS reporting (fixes #3461) by @anthonyharrison in #3462
chore: update SBOM for Python 3.9 by @github-actions in #3448
chore: update SBOM for Python 3.10 by @github-actions in #3447
ci: github actions for fuzz testing by @mastersans in #3467
docs: added missing GAD_Source docstrings by @pbelokon in #3469
test: re-enable test_SBOM in test_cli.py by @Anurag-Nagpal in #3474
ci: skip running tests on bot-generated sboms by @terriko in #3468
feat(checker): add zchunk by @ffontaine in #3481
chore: update SBOM for Python 3.9 by @github-actions in #3484
chore: update SBOM for Python 3.10 by @github-actions in #3483
chore: update SBOM for Python 3.11 by @github-actions in #3446
chore: update SBOM for Python 3.8 by @github-actions in #3485
feat: fuzz testing RustParser by @mastersans in #3479
test: add non-debian based tests for gawk by @donheshanthaka in #3482
Update cve_scan.yml by @CrypticRevenger in #3492
Testing CVE-Bin-Tool with Python 3.12 on Github by @Ferdinand-Ogama in #3445
fix: Added None checks for parsed purls (fixes #3478) by @weichslgartner in #3490
Ci: Change workflows to use python 3.11 by @Virtual4087 in #3496
chore: add interrogate to linters called by pre-commit by @ha36d in #3491
chore(deps): bump actions/setup-python from 2 to 4 by @dependabot in #3472
chore(deps-dev): bump mypy from v1.5.1 to 1.6.1 by @dependabot in #3435
chore(deps-dev): bump pre-commit from 3.4.0 to 3.5.0 by @dependabot in #3425
chore(deps): bump actions/checkout from 2 to 4 by @dependabot in #3471
chore: update pre-commit config by @github-actions in #3365
chore(deps): bump github/codeql-action from 2.22.4 to 2.22.5 by @dependabot in #3486
docs: add missing docstrings to data_sources/gad_source.py #3466 by @shivam200446 in #3488
docs: add missing docstrings to output_engine/init.py by @AryanBakliwal in #3480
chore(deps): bump check-spelling/check-spelling from 0.0.21 to 0.0.22 by @dependabot in #3364
fix: KeyError in format_data function by @joydeep049 in #3452
docs: add missing docstrings to data_sources/curl_source.py #3464 by @shivam200446 in #3489
test: enable package list by @joydeep049 in #3506
chore(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.1 by @dependabot in #3507
feat(checker): add traceroute checker by @ffontaine in #3501
chore: update SBOM for Python 3.11 by @github-actions in #3505
chore: update SBOM for Python 3.10 by @github-actions in #3504
chore: update SBOM for Python 3.8 by @github-actions in #3503
chore: update SBOM for Python 3.9 by @github-actions in #3502
chore: update checkers table by @github-actions in #3509
chore(deps): bump actions/dependency-review-action from 3.1.1 to 3.1.2 by @dependabot in #3511
feat(console): sort CPE summary by product by @ffontaine in #3521
chore: update SBOM for Python 3.9 by @github-actions in #3518
chore: update SBOM for Python 3.8 by @github-actions in #3517
chore: update SBOM for Python 3.10 by @github-actions in #3516
chore: update SBOM for Python 3.11 by @github-actions in #3515
chore(deps): bump actions/dependency-review-action from 3.1.2 to 3.1.3 by @dependabot in #3522
feat: fuzz testing JavaParser by @joydeep049 in #3514
chore(deps): bump github/codeql-action from 2.22.5 to 2.22.6 by @dependabot in #3523
fix: create new version comparison function by @terriko in #3470
fix: improve gdb checker by @ffontaine in #3520
chore(deps): bump conda-incubator/setup-miniconda from 2.2.0 to 2.3.0 by @dependabot in #3534
chore(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1 by @dependabot in #3526
chore: update SBOM for Python 3.8 by @github-actions in #3531
chore: update SBOM for Python 3.9 by @github-actions in #3530
chore: update SBOM for Python 3.11 by @github-actions in #3529
chore: update SBOM for Python 3.10 by @github-actions in #3528
fix: Use of NVD api 2.0 (fixes #3541) by @anthonyharrison in #3544
chore: update to pre-release version number by @terriko in #3551
chore(deps): bump actions/dependency-review-action from 3.1.3 to 3.1.4 by @dependabot in #3546
chore(deps): bump conda-incubator/setup-miniconda from 2.3.0 to 3.0.1 by @dependabot in #3549
typo in issue template by @perrinjerome in #3557
test_version_compare: use different pytest.raises for each instruction by @perrinjerome in #3555
version_compare: support + in versions by @perrinjerome in #3554
chore: update SBOM for Python 3.8 by @github-actions in #3563
chore: update SBOM for Python 3.9 by @github-actions in #3562
chore: update SBOM for Python 3.11 by @github-actions in #3561
chore: update SBOM for Python 3.10 by @github-actions in #3560
feat(checker): add exfatprogs checker by @ffontaine in #3542
chore: update checkers table by @github-actions in #3564
chore(deps): bump actions/setup-python from 4 to 5 by @dependabot in #3567
fix: improve version_compare to drop hashes by @terriko in #3566
chore: update SBOM for Python 3.10 by @github-actions in #3574
chore: update SBOM for Python 3.9 by @github-actions in #3573
chore: update SBOM for Python 3.8 by @github-actions in #3572
chore: update SBOM for Python 3.11 by @github-actions in #3571
chore(deps): bump github/codeql-action from 2.22.6 to 2.22.9 by @dependabot in #3568
fix: improve openssl checker by @ffontaine in #3569
feat(checker): add tesseract checker by @ffontaine in #3570
fix: update mosquitto pattern by @ffontaine in #3580
chore(deps-dev): bump pre-commit from 3.5.0 to 3.6.0 by @dependabot in #3577
chore: update checkers table by @github-actions in #3584
fix: improve version_compare logic by @terriko in #3548
fix: non-alphanumeric characters as separators by @terriko in #3565
feat(checker): add libevent checker by @ffontaine in #3587
fix: remove resizeGraph function by @terriko in #3585
feat(checker): add zstandard checker by @ffontaine in #3590
feat(checker): add xwayland checker by @ffontaine in #3591
feat(checker): add vlc checker by @ffontaine in #3593
chore: update checkers table by @github-actions in #3589
fix: remove cases of resizeGraph from examples by @terriko in #3592
chore: update SBOM for Python 3.9 by @github-actions in #3623
chore: update SBOM for Python 3.8 by @github-actions in #3622
chore: update SBOM for Python 3.10 by @github-actions in #3621
chore: update SBOM for Python 3.11 by @github-actions in #3620
feat(checker): add protobuf-c checker by @ffontaine in #3596
feat: disable metrics by default by @ffontaine in #3618
feat(checker): add socat checker by @ffontaine in #3597
fix: improve lua checker by @ffontaine in #3598
feat(checker): add tar checker by @ffontaine in #3600
feat(checker): add libvpx checker by @ffontaine in #3602
fix: drop wrong gnutls VENDOR_PRODUCT by @ffontaine in #3604
fix: update squashfs VENDOR_PRODUCT by @ffontaine in #3605
fix: update tor VENDOR_PRODUCT by @ffontaine in #3606
fix: update gawk pattern by @ffontaine in #3607
feat(checker): add lrzip checker by @ffontaine in #3608
fix: update glibc pattern by @ffontaine in #3611
fix: update zsh pattern by @ffontaine in #3613
fix: improve gdb pattern by @ffontaine in #3614
chore: bump version for 3.3 release by @terriko in #3630
fix: update coreutils pattern by @ffontaine in #3616
fix: update binutils pattern by @ffontaine in #3615
fix: update bison pattern by @ffontaine in #3617
feat(checker): add mbedtls checker by @ffontaine in #3619
feat(checker): add php checker by @ffontaine in #3627
fix: drop gpgme CPE ID without CVEs by @ffontaine in #3632
fix: drop rsync CPE ID without CVEs by @ffontaine in #3634
fix: drop netatalk CPE ID without CVEs by @ffontaine in #3635
feat(checker): add jq checker by @ffontaine in #3636
feat(checker): add libheif checker by @ffontaine in #3641
chore: update checkers table by @github-actions in #3624
docs: Updated examples in sbom_generation.md by @Mayankrai449 in #3640
feat(checker): add heimdal checker by @ffontaine in #3643
feat(checker): add libde265 checker by @ffontaine in #3645
ci: fix sbom test skipping logic by @terriko in #3631
chore: update checkers table by @github-actions in #3647
docs: add cmd for installing the cve-tool in virtualenv by @ayushthe1 in #3649
fix: update detailed description by @ffontaine in #3650
feat: Enable metrics if epss-{percentile,probability} is set by @ffontaine in #3642
chore: update SBOM for Python 3.8 by @github-actions in #3669
chore: update SBOM for Python 3.11 by @github-actions in #3668
chore: update SBOM for Python 3.9 by @github-actions in #3667
chore: update SBOM for Python 3.10 by @github-actions in #3666
test: temporarily disable failing tests by @terriko in #3655
fix: temporary disabling due to #3674 by @terriko in #3676
test: added test for OutputEngine with metrics=False by @mastersans in #3672
fix: Deprecate NVD API 1.0 by @akshatgokul in #3671
docs: add PHP launguage specification to docs by @Mahhheshh in #3665
feat: Fuzz Testing RParser by @joydeep049 in #3664
docs: Clarifying use of --metrics and epss options by @Mayankrai449 in #3663
chore: update spdx header by @github-actions in #3679
chore: update js dependencies by @github-actions in #3680
docs: Add appropriate docstring to output_engine/print_mode.py (#3457) by @aptitudepi in #3677
chore: update pre-commit config by @github-actions in #3678
docs(README.md): updated options list in README.md by @DEVESH-N2 in #3662
ci: add interrogate to github actions & exclude some directories by @ayushthe1 in #3612
feat(checker): add iwd checker by @ffontaine in #3660
chore: add template for docstrings issues by @terriko in #3685
chore: update SBOM for Python 3.9 by @github-actions in #3691
chore: update SBOM for Python 3.8 by @github-actions in #3690
chore: update SBOM for Python 3.10 by @github-actions in #3689
chore: update SBOM for Python 3.11 by @github-actions in #3688
chore: update checkers table by @github-actions in #3686
fix: add additional CPE IDs to faad2 by @ffontaine in #3699
chore(deps): bump actions/dependency-review-action from 3.1.4 to 3.1.5 by @dependabot in #3695
feat(checker): add netdata checker by @ffontaine in #3648
chore: fix broken docstrings issue template by @terriko in #3702
feat(checker): add micropython checker by @ffontaine in #3704
chore: update SBOM for Python 3.8 by @github-actions in #3709
chore: update SBOM for Python 3.9 by @github-actions in #3708
chore: update SBOM for Python 3.11 by @github-actions in #3707
chore: update SBOM for Python 3.10 by @github-actions in #3706
chore: update checkers table by @github-actions in #3703
feat: test handling of ~= in requirements.txt and add it to docs by @ayushthe1 in #3610
ci: improve interrogate/pre-commit config by @terriko in #3714
fix: [Snyk] Security upgrade pillow from 9.5.0 to 10.0.1 by @terriko in #3601
test: re-enable failing tests from #3653 by @terriko in #3720
fix: fail gracefully for npm .package-lock.json files by @terriko in #3654
chore: update SBOM for Python 3.9 by @github-actions in #3732
chore: update SBOM for Python 3.8 by @github-actions in #3731
chore: update SBOM for Python 3.11 by @github-actions in #3730
chore: update SBOM for Python 3.10 by @github-actions in #3729
chore(deps): bump actions/cache from 3.3.2 to 4.0.0 by @dependabot in #3739
feat(checker): add go checker by @ffontaine in #3651
docs: add docstrings to cve-bin-tool/util by @Mahhheshh in #3715
chore(deps): bump github/codeql-action from 2.22.9 to 3.23.0 by @dependabot in #3705
docs: added docstring to swid_parser.py by @Mahhheshh in #3716
feat: Fuzz testing PerlParser by @joydeep049 in #3725
chore: update checkers table by @github-actions in #3740
fix: improve robustness of version compare by @terriko in #3694
chore: update SBOM for Python 3.8 by @github-actions in #3749
chore: update SBOM for Python 3.9 by @github-actions in #3748
chore: update SBOM for Python 3.10 by @github-actions in #3747
chore: update SBOM for Python 3.11 by @github-actions in #3746
chore: set version to 3.3rc2 for pre-release by @terriko in #3750
docs: added docstrings to cve_bin_tool/strings.py by @inosmeet in #3717
chore(deps): bump actions/dependency-review-action from 3.1.5 to 4.0.0 by @dependabot in #3744
chore(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in #3742
feat: Fuzz testing PhpParser by @joydeep049 in #3724
docs: Added docstrings to cve_bin_tool/data_sources/redhat_source.py by @Mayankrai449 in #3719
docs: added interrogate to list of linters in CONTRIBUTING.md by @DEVESH-N2 in #3693
fix: removed nvd api 1.0 code by @mastersans in #3599
chore(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 by @dependabot in #3754
chore(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in #3763
chore: update SBOM for Python 3.8 by @github-actions in #3762
chore: update SBOM for Python 3.9 by @github-actions in #3761
chore: update SBOM for Python 3.11 by @github-actions in #3760
chore: update SBOM for Python 3.10 by @github-actions in #3759
ci: set default permissions on workflows by @terriko in #3765
ci: Add python 3.12 with fix from @milinddethe15 by @terriko in #3766
feat: Generate SBOM for Python 3.12 by @anthonyharrison in #3697
fix: update darkhttpd VENDOR_PRODUCT by @ffontaine in #3758
fix: update frr VENDOR_PRODUCT by @ffontaine in #3757
fix: enhance u-boot checker by @ffontaine in #3756
test: added test_get_version_map by @mastersans in #3687
feat: Add FOSDEM 2024 presentation by @anthonyharrison in #3783
docs: Deployment best practices guide by @terriko in #3780
chore(deps): bump step-security/harden-runner from 2.6.1 to 2.7.0 by @dependabot in #3767
chore(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in #3792
fix: add additional CPE ID to yasm by @ffontaine in #3789
chore: update SBOM for Python 3.9 by @github-actions in #3791
chore: update SBOM for Python 3.10 by @github-actions in #3790
feat(checker): add libvips checker by @ffontaine in #3788
fix: add additional CPE ID to c-ares by @ffontaine in #3787
fix: add additional CPE ID to json-c by @ffontaine in #3786
feat: Using tomllib instead of toml in python 3.11 and later deployments by @DEVESH-N2 in #3785
chore(deps): bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 by @dependabot in #3776
chore(deps): bump actions/upload-artifact from 3.1.3 to 4.3.1 by @dependabot in #3794
chore(deps): bump codecov/codecov-action from 3.1.5 to 4.0.1 by @dependabot in #3782
chore: update checkers table by @github-actions in #3793
chore: update SBOM for Python 3.11 by @github-actions in #3797
chore: update SBOM for Python 3.10 by @github-actions in #3796
feat: Fuzz Testing PythonParser by @joydeep049 in #3737
feat: Fuzz Testing RubyParser by @joydeep049 in #3736
feat: sbom auto detection for command line by @mastersans in #3734
fix: fixed quiet_mode test to ignore unimportant logs by @inosmeet in #3795
feat: Fuzz Testing SwiftParser by @joydeep049 in #3728
fix: use tarfile extract filters to open tarfiles more safely by @terriko in #3769
chore: update pre-commit config by @github-actions in #3772
fix: initialize data_source when NVD is disabled by @Mayankrai449 in #3814
chore(deps): bump haya14busa/action-cond from 1.1.1 to 1.2.1 by @dependabot in #3809
chore(deps-dev): bump pre-commit from 3.6.0 to 3.6.1 by @dependabot in #3808
chore: update SBOM for Python 3.9 by @github-actions in #3807
chore: update SBOM for Python 3.11 by @github-actions in #3806
chore: update SBOM for Python 3.10 by @github-actions in #3805
fix: update exim pattern by @ffontaine in #3804
fix: handle is_symlink PermissionError by @ffontaine in #3819
fix: fix network connection related fails of quiet_mode by @inosmeet in #3802
chore: add blank 3.12 sboms by @terriko in #3811
fix: resolve errors of fuzzing job fuzz_cyclonedx by @inosmeet in #3822
fix: make config generator robust by @mastersans in #3803
chore: update SBOM for Python 3.8 by @github-actions in #3828
chore: update SBOM for Python 3.9 by @github-actions in #3827
chore: update SBOM for Python 3.11 by @github-actions in #3826
chore: update SBOM for Python 3.10 by @github-actions in #3825
chore: update SBOM for Python 3.12 by @github-actions in #3824
docs: Add tip about python -m pytest #3816 by @M0be in #3831
chore(deps): bump codecov/codecov-action from 4.0.1 to 4.0.2 by @dependabot in #3867
docs: links/slides for old presentations by @terriko in #3810
chore: update SBOM for Python 3.8 by @github-actions in #3865
chore: update SBOM for Python 3.12 by @github-actions in #3864
chore: update SBOM for Python 3.11 by @github-actions in #3863
chore: update SBOM for Python 3.10 by @github-actions in #3861
chore: update SBOM for Python 3.9 by @github-actions in #3862
chore(deps): bump github/codeql-action from 3.24.0 to 3.24.5 by @dependabot in #3866
docs: Added correct pip install command for virtual environments by @HamzaMateen in #3852
docs: Add docstrings to cve_bin_tool/data_sources/rsd_source.py by @derekmarion in #3781
docs: add docstrings for fuzzing modules by @Mahhheshh in #3741
docs: Added docstrings to cve_bin_tool/input_engine.py by @tahifahimi in #3774
fix: set default width for console output by @ffontaine in #3855
fix: update sbom generation link by @ffontaine in #3847
chore(deps-dev): bump pre-commit from 3.6.1 to 3.6.2 by @dependabot in #3838
chore(deps): bump codecov/codecov-action from 4.0.2 to 4.1.0 by @dependabot in #3872
fix: Updated the OSV data source to ignore the new icons directory by @cinix in #3871
fix: resolve errors of fuzzing job fuzz_intermediate_report_merge by @inosmeet in #3857
feat(checker): add libuv checker by @ffontaine in #3856
ci: fixed issue in .github/workflows/cve_bin_tool_action.yml by @Mayankrai449 in #3898
chore(deps): bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #3890
chore(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in #3889
chore: update checkers table by @github-actions in #3886
chore: update SBOM for Python 3.8 by @github-actions in #3896
chore: update SBOM for Python 3.10 by @github-actions in #3895
chore: update SBOM for Python 3.9 by @github-actions in #3894
chore: update SBOM for Python 3.12 by @github-actions in #3893
chore: update SBOM for Python 3.11 by @github-actions in #3892
chore(deps): bump conda-incubator/setup-miniconda from 3.0.1 to 3.0.3 by @dependabot in #3884
chore(deps): bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 by @dependabot in #3881
feat: add extraction enhancements to include binary identification by @jananir640 in #3812
test: OSV ecosystems to check for missing and extra ecosytems by @cinix in #3882
feat: dart language parser by @mastersans in #3860
fix: temp cleanup for fuzzing by @mastersans in #3902
chore(deps): bump vapier/coverity-scan-action from 1.7.0 to 1.8.0 by @dependabot in #3901
chore: update pre-commit config by @github-actions in #3888
fix: Html report fix by @Mayankrai449 in #3906
feat: Retain the response and justification fields in VEX input by @cinix in #3880
fix: tempfile cleaning for Java Fuzzer by @joydeep049 in #3912
docs: add docs to cve_bin_tool/egg_updater.py(fix: #3878) by @abhijeetsourav in #3920
chore: update SBOM for Python 3.8 by @github-actions in #3919
feat: Added fuzzing to DartParser by @joydeep049 in #3900
chore: update SBOM for Python 3.9 by @github-actions in #3918
chore: update SBOM for Python 3.12 by @github-actions in #3917
chore: update SBOM for Python 3.10 by @github-actions in #3916
chore: update SBOM for Python 3.11 by @github-actions in #3915
docs: Added docstrings to csv2cve.py (fixes #3877) by @antoninoLorenzo in #3914
docs: Add docstrings to pdfbuilder.py by @octonawish-akcodes in #3843
fix: tempfile cleanup for Go fuzzer by @joydeep049 in #3913
feat(checker): add snapd checker by @mastersans in #3820
feat(checker): add checker for Moby by @inosmeet in #3753
fix: update snapd checker by @ffontaine in #3927
fix: frozen when extracting .zip protected by password by @mastersans in #3837
feat(checker): add checker for Docker (#2059) by @inosmeet in #3701
feat(checker): add System.net.http checker (#35) by @inosmeet in #3700
chore: update checkers table by @github-actions in #3924
feat: added purl generation for go parser by @inosmeet in #3833
feat: handle npm package-lock.json files correctly by @imsahil007 in #3745
chore(deps): bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 by @dependabot in #3926
chore(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in #3925
fix: improve bandit config #3830 by @harshittiwariii in #3885
chore: add interrogate checks for fuzz by @Error838 in #3935
chore: update checkers table by @github-actions in #3930
fix: config gen format by @Error838 in #3936
fix: fix typo of 'UNKNOWN' in console.py by @michaelwknott in #3940
chore: update SBOM for Python 3.9 by @github-actions in #3950
chore: update SBOM for Python 3.11 by @github-actions in #3949
chore: update SBOM for Python 3.12 by @github-actions in #3948
chore: update SBOM for Python 3.8 by @github-actions in #3947
chore: update SBOM for Python 3.10 by @github-actions in #3946
refactor: convert ConfigGenerator class to config_generator function by @michaelwknott in #3955
chore(deps): bump github/codeql-action from 3.24.7 to 3.24.8 by @dependabot in #3954
fix: Use colon as delimiter in CBT URN for better compatibility by @cinix in #3928
refactor: requests to happen in utils.py by @mastersans in #3953
docs: Add docstrings to validators.py by @mvp-2003 in #3952
chore(deps-dev): bump black from 24.2.0 to 24.3.0 by @dependabot in #3951
fix: handle PermissionError on filetype.guess by @ffontaine in #3958
feat: tempfile cleanup for RParser by @joydeep049 in #3944
fix: handle None for make_http_requests by @ffontaine in #3959
chore(deps): bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in #3956
fix: add tarfile test by @terriko in #3962
feat: added PURL generation for swift parser by @inosmeet in #3957
feat: added PURL generation to ruby parser by @inosmeet in #3939
fix: Added docstrings to validator.py by @devesh-2002 in #3891
chore: update SBOM for Python 3.8 by @github-actions in #3977
chore: update SBOM for Python 3.12 by @github-actions in #3976
chore: update SBOM for Python 3.9 by @github-actions in #3975
chore: update SBOM for Python 3.10 by @github-actions in #3974
chore: update SBOM for Python 3.11 by @github-actions in #3973
chore: update pre-commit config by @github-actions in #3993
feat: Update HTML report to use human-readable forms of Remarks type by @cinix in #3991
Trim the test/language_data/.package-lock.json down by @alevchenko12 in #3983
feat: added PURL generation to rust parser by @inosmeet in #3859
feat: tempclean Ruby by @joydeep049 in #3943
feat: tempfile cleanup for python-requirements parser by @joydeep049 in #3966
feat: added tempclean for Php Fuzzer by @joydeep049 in #3967
feat: added tempclean for perl-fuzzer by @joydeep049 in #3971
feat: added tempclean to python-fuzzer by @joydeep049 in #3972
feat: added PURL generation to JavaParser by @joydeep049 in #3986
feat: added PURL generation to PerlParser by @joydeep049 in #3992
chore: add triage for false positives by @mastersans in #3969
chore(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.3 by @dependabot in #3846
feat: heuristic splitting on '-' for lookups by @mastersans in #3839
chore(deps): bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in #3978
feat: add fix to prevent unknown vendor overwrite by @jananir640 in #3963
feat: PURL generation for PythonParser by @joydeep049 in #3945
feat: added PURL generation to JavascriptParser by @joydeep049 in #3987
test: added 0-cve display test by @joydeep049 in #3982
fix: windows needs python3.12 for tarfile support by @terriko in #4001
chore: update SBOM for Python 3.8 by @github-actions in #4009
chore: update SBOM for Python 3.10 by @github-actions in #4008
chore: update SBOM for Python 3.12 by @github-actions in #4007
chore: update SBOM for Python 3.9 by @github-actions in #4006
chore: update SBOM for Python 3.11 by @github-actions in #4005
feat: update regex in python checker to match python3.11-3.11.x pattern by @jananir640 in #3994
feat: Add ability to read CPE identifiers from CycloneDX triage data by @cinix in #3990
fix: cpe validation and standardize tests data by @mastersans in #4014
chore: bump version to 3.3rc3 for pre-release by @terriko in #4011

New Contributors

@bcieszko made their first contribution in #2961
@step-security-bot made their first contribution in #3031
@offsake made their first contribution in #3029
@gvozzolo made their first contribution in #2913
@yr1404 made their first contribution in #3129
@chillerno1 made their first contribution in #3134
@gluesmith2021 made their first contribution in #3245
@0o001 made their first contribution in #3274
@kumaryogesh17 made their first contribution in #3285
@r0ckYr made their first contribution in #3350
@Tengas made their first contribution in #2873
@sw-sdiepold made their first contribution in #3353
@Niloth-p made their first contribution in #3381
@Swarno-Coder made their first contribution in #3382
@reginareynolds made their first contribution in #3392
@bkpecho made their first contribution in #3387
@NabhiA made their first contribution in #3388
@raffifu made their first contribution in #3397
@rabroldan made their first contribution in #3429
@mastersans made their first contribution in #3441
@pranshu-raj-211 made their first contribution in #3442
@pbelokon made their first contribution in #3469
@Anurag-Nagpal made their first contribution in #3474
@CrypticRevenger made their first contribution in #3492
@Ferdinand-Ogama made their first contribution in #3445
@weichslgartner made their first contribution in #3490
@Virtual4087 made their first contribution in #3496
@ha36d made their first contribution in #3491
@shivam200446 made their first contribution in #3488
@AryanBakliwal made their first contribution in #3480
@joydeep049 made their first contribution in #3452
@perrinjerome made their first contribution in #3557
@Mayankrai449 made their first contribution in #3640
@akshatgokul made their first contribution in #3671
@Mahhheshh made their first contribution in #3665
@aptitudepi made their first contribution in #3677
@DEVESH-N2 made their first contribution in #3662
@inosmeet made their first contribution in #3717
@M0be made their first contribution in #3831
@HamzaMateen made their first contribution in #3852
@derekmarion made their first contribution in #3781
@cinix made their first contribution in #3871
@jananir640 made their first contribution in #3812
@abhijeetsourav made their first contribution in #3920
@antoninoLorenzo made their first contribution in #3914
@octonawish-akcodes made their first contribution in #3843
@harshittiwariii made their first contribution in #3885
@Error838 made their first contribution in #3935
@mvp-2003 made their first contribution in #3952
@devesh-2002 made their first contribution in #3891
@alevchenko12 made their first contribution in #3983

Full Changelog: v3.2.1...v3.3rc3

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE Binary Tool 3.3rc3 pre-release

What's Changed

New Contributors

Contributors