pypi cve-bin-tool 3.3a0
CVE Binary Tool pre-release 3.3a0

11 months ago

Preview release for 3.3, which will hopefully be coming in December.

There's a lot of changes in this release (see below, more curated release notes to come), but I'm particularly eager to have people try out the new version compare function and make sure it is sufficiently robust for arbitrary versions, as we needed to migrate away from the function provided in python packaging as it could not handle some of the versions we see in the NVD data.

What's Changed

  • fix: java parser failing to match vendor on product without '-' by @bcieszko in #2961
  • feat(checker): New checker request - GNU emacs by @bcieszko in #2941
  • chore: update SBOM for Python 3.7 by @github-actions in #3025
  • chore: update SBOM for Python 3.10 by @github-actions in #3024
  • chore: update SBOM for Python 3.9 by @github-actions in #3023
  • chore: update SBOM for Python 3.8 by @github-actions in #3022
  • chore: update SBOM for Python 3.11 by @github-actions in #3021
  • [StepSecurity] Apply security best practices by @step-security-bot in #3031
  • fix: Enhance SBOM docs (fixes #2922) by @offsake in #3029
  • ci: adjust dependabot config to limit false positives by @terriko in #3033
  • chore: update checkers table by @github-actions in #3026
  • chore: bump to dev version 3.2.2dev0 by @terriko in #3019
  • chore(deps): bump actions/dependency-review-action from 2.5.1 to 3.0.4 by @dependabot in #3034
  • chore: update SBOM for Python 3.7 by @github-actions in #3040
  • chore: update SBOM for Python 3.8 by @github-actions in #3039
  • chore: update SBOM for Python 3.9 by @github-actions in #3038
  • chore: update SBOM for Python 3.11 by @github-actions in #3037
  • chore: update SBOM for Python 3.10 by @github-actions in #3036
  • feat(checker): add mini_httpd checker by @ffontaine in #3020
  • feat(checker): add libmicrohttpd checker by @ffontaine in #3014
  • ci: fix dependabot config by @terriko in #3041
  • chore: update pre-commit config by @github-actions in #2968
  • feat(checker): add cpio checker by @ffontaine in #3013
  • ci: Harden GitHub Actions [StepSecurity] by @step-security-bot in #3043
  • feat(checker): add sngrep checker by @ffontaine in #3035
  • feat(checker): add fluidsynth checker by @ffontaine in #3012
  • feat(checker): add pixman checker by @ffontaine in #3010
  • feat(checker): add ldns checker by @ffontaine in #3004
  • feat(checker): add gzip checker by @ffontaine in #2998
  • chore: update checkers table by @github-actions in #3044
  • ci: Dependabot "duplicated" lines and ignore "*" by @terriko in #3045
  • chore(deps): bump github/codeql-action from 2.1.27 to 2.3.5 by @dependabot in #3049
  • chore(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6 by @dependabot in #3051
  • chore(deps): bump actions/checkout from 3.1.0 to 3.5.2 by @dependabot in #3050
  • chore: update pre-commit config by @github-actions in #3048
  • ci: pin dependency-review linux, fix dependabot by @terriko in #3055
  • feat(checker): add gdk-pixbuf checker by @ffontaine in #3011
  • feat(checker): add libtasn1 checker by @ffontaine in #3000
  • feat(checker): add dmidecode checker by @ffontaine in #2997
  • feat(checker): add libgd checker by @ffontaine in #2978
  • feat: merged report content change and comments added in html reports by @gvozzolo in #2913
  • feat: add support for pgp signing (#2577) by @b31ngd3v in #2882
  • chore: update checkers table by @github-actions in #3061
  • chore: update SBOM for Python 3.8 by @github-actions in #3070
  • chore: update SBOM for Python 3.7 by @github-actions in #3069
  • chore: update SBOM for Python 3.10 by @github-actions in #3068
  • chore: update SBOM for Python 3.9 by @github-actions in #3067
  • chore: update SBOM for Python 3.11 by @github-actions in #3066
  • ci: up timeouts on short and long tests by @terriko in #3072
  • feat(checker): add udisks checker by @ffontaine in #2999
  • feat(scanner): slight update in version display by @ffontaine in #3063
  • feat(checker): add readline checker by @ffontaine in #2976
  • feat(checker): add ntfs-3g checker by @ffontaine in #2973
  • feat(checker): add ngircd checker by @ffontaine in #3003
  • feat(checker): add libmodbus checker by @ffontaine in #3002
  • feat(checker): add coreutils checker by @ffontaine in #3001
  • fix: improve openssl checker by @ffontaine in #2987
  • chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @dependabot in #3052
  • chore: update SBOM for Python 3.8 by @github-actions in #3082
  • fix: root file path of vulnerable component is missing by @b31ngd3v in #3088
  • chore: update SBOM for Python 3.9 by @github-actions in #3081
  • chore: update SBOM for Python 3.10 by @github-actions in #3080
  • chore: update SBOM for Python 3.11 by @github-actions in #3079
  • chore: update SBOM for Python 3.7 by @github-actions in #3078
  • chore: update checkers table by @github-actions in #3073
  • chore(deps): bump step-security/harden-runner from 2.4.0 to 2.4.1 by @dependabot in #3090
  • chore(deps-dev): bump pre-commit from 3.3.2 to 3.3.3 by @dependabot in #3087
  • chore(deps): bump github/codeql-action from 2.3.5 to 2.20.0 by @dependabot in #3086
  • chore(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2 by @dependabot in #3085
  • chore(deps): bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #3084
  • fix: improve luajit checker by @ffontaine in #2993
  • fix: improve gimp checker by @ffontaine in #2992
  • ci: Automatically committing/suggesting linter fixes for PRs by @metabiswadeep in #3017
  • chore(deps): bump sphinx from 4.4.0 to 7.0.1 in /doc by @dependabot in #3056
  • fix: improve nghttp2 checker by @ffontaine in #2991
  • docs: adding database schema by @Rexbeast2 in #3097
  • chore(deps): bump github/codeql-action from 2.20.0 to 2.20.1 by @dependabot in #3098
  • fix: fix xerces CPE ID by @ffontaine in #2932
  • docs: including doc in build by @Rexbeast2 in #3102
  • chore: update SBOM for Python 3.8 by @github-actions in #3111
  • chore: update SBOM for Python 3.11 by @github-actions in #3110
  • chore: update SBOM for Python 3.7 by @github-actions in #3109
  • chore: update SBOM for Python 3.10 by @github-actions in #3108
  • chore: update SBOM for Python 3.9 by @github-actions in #3107
  • fix: report is not generated when no CVEs detected (#3028) by @b31ngd3v in #3075
  • ci: dedeuplicate usage of codeql by @metabiswadeep in #3100
  • feat: adding epss data by @Rexbeast2 in #3104
  • feat: updating schema by @Rexbeast2 in #3106
  • chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3112
  • chore: removing support for Python3.7 by @Rexbeast2 in #2655
  • fix: fetch cves from mirror not working by @b31ngd3v in #3122
  • chore: update SBOM for Python 3.8 by @github-actions in #3126
  • chore: update SBOM for Python 3.9 by @github-actions in #3125
  • chore: update SBOM for Python 3.11 by @github-actions in #3124
  • chore: update SBOM for Python 3.10 by @github-actions in #3123
  • fix: improve dnsmasq checker by @ffontaine in #3121
  • chore: update pre-commit config by @github-actions in #3120
  • refactor: improve explanation of cve year parsing by @b31ngd3v in #3132
  • ci: set explicit permissions for coverity.yml by @terriko in #3060
  • docs: update openssf scorecard link in README.md by @yr1404 in #3129
  • chore(deps): bump github/codeql-action from 2.20.1 to 2.20.2 by @dependabot in #3127
  • chore: update SBOM for Python 3.9 by @github-actions in #3141
  • chore: update SBOM for Python 3.10 by @github-actions in #3140
  • chore: update SBOM for Python 3.8 by @github-actions in #3139
  • chore: update SBOM for Python 3.11 by @github-actions in #3138
  • feat: adding EPSS data by @Rexbeast2 in #3130
  • fix: Update SPDX Version handling by @anthonyharrison in #3137
  • fix: refactor insert queries by @Rexbeast2 in #3145
  • chore(deps): bump github/codeql-action from 2.20.2 to 2.20.3 by @dependabot in #3135
  • fix: Database records being lost (fixes #3150) by @anthonyharrison in #3151
  • chore(deps-dev): bump black from 23.3.0 to 23.7.0 by @dependabot in #3149
  • chore: exclude autobuild step by @chillerno1 in #3134
  • test: fix tests broken by improved data by @terriko in #3160
  • ci: extend cache timeout, disable failing test by @terriko in #3168
  • chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 by @dependabot in #3158
  • chore(deps): bump github/codeql-action from 2.20.3 to 2.21.0 by @dependabot in #3171
  • chore: Add new checker request issue template by @terriko in #3155
  • ci: add cve-bin-tool-action by @b31ngd3v in #3156
  • chore: SBOM updates july24 by @terriko in #3174
  • chore(deps): bump sphinx from 7.0.1 to 7.1.0 by @dependabot in #3176
  • chore(deps): bump step-security/harden-runner from 2.4.1 to 2.5.0 by @dependabot in #3175
  • feat: Populate cvss by @Rexbeast2 in #3147
  • chore(deps): bump sphinx from 7.1.0 to 7.1.1 in /doc by @dependabot in #3184
  • fix: import json flag by @b31ngd3v in #3192
  • chore(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in #3190
  • chore(deps-dev): bump flake8 from 6.0.0 to 6.1.0 by @dependabot in #3191
  • chore(deps): bump sphinx from 7.1.1 to 7.1.2 by @dependabot in #3195
  • feat: Add User-Agent for mirroring by @terriko in #3183
  • chore: update SBOM for Python 3.8 by @github-actions in #3189
  • chore: update SBOM for Python 3.9 by @github-actions in #3188
  • chore: update SBOM for Python 3.10 by @github-actions in #3187
  • chore: update SBOM for Python 3.11 by @github-actions in #3186
  • chore: update SBOM for Python 3.9 by @github-actions in #3206
  • chore: update SBOM for Python 3.10 by @github-actions in #3205
  • chore: update SBOM for Python 3.11 by @github-actions in #3204
  • chore: update SBOM for Python 3.8 by @github-actions in #3203
  • feat: Update queries by @Rexbeast2 in #3172
  • fix: update libksba CPE ID by @ffontaine in #3217
  • fix: update nodejs semver in test files to avoid warning by @terriko in #3207
  • feat: adding EPSS to console table by @Rexbeast2 in #3224
  • feat: Include EPSS in JSON and CSV output by @Rexbeast2 in #3211
  • chore(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @dependabot in #3218
  • chore(deps): bump step-security/harden-runner from 2.5.0 to 2.5.1 by @dependabot in #3226
  • chore(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.7 by @dependabot in #3227
  • feat(checker): add dav1d checker by @ffontaine in #3228
  • feat(checker): add libcoap checker by @ffontaine in #3229
  • feat(checker): add bwm-ng checker by @ffontaine in #3230
  • docs: change master to main in sample github action by @VishnuSanal in #3246
  • fix: enable gimp tests by @ffontaine in #3239
  • chore: Add additional issue templates by @terriko in #3236
  • fix: split curl and libcurl checkers by @ffontaine in #3238
  • chore: remove dependency on py by @terriko in #3235
  • feat: Adding epss into HTML output by @Rexbeast2 in #3234
  • docs: adding epss by @Rexbeast2 in #3233
  • feat: including metric table in Console by @Rexbeast2 in #3215
  • feat: include EPSS metrics in output PDF by @Rexbeast2 in #3213
  • fix: handling of product versions and vendor name guessing by @rhythmrx9 in #3225
  • fix: enable ceph tests by @ffontaine in #3251
  • chore: update SBOM for Python 3.8 by @github-actions in #3249
  • chore: update SBOM for Python 3.10 by @github-actions in #3248
  • chore: update SBOM for Python 3.11 by @github-actions in #3247
  • fix: ignore non-vulnerable CPEs from NVD CVEs by @gluesmith2021 in #3245
  • fix: fix typo in curl_source.py by @ffontaine in #3258
  • chore: update SBOM for Python 3.9 by @github-actions in #3250
  • fix: osv version parsing by @b31ngd3v in #3261
  • chore(deps): bump sphinx from 7.1.2 to 7.2.0 in /doc by @dependabot in #3263
  • chore(deps): bump actions/dependency-review-action from 3.0.7 to 3.0.8 by @dependabot in #3257
  • chore(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @dependabot in #3253
  • feat: enhance products with no identified vulnerabilities by @ffontaine in #3254
  • fix: blank path gets added when using triage_input_file option by @b31ngd3v in #3264
  • chore(deps): bump sphinx from 7.2.0 to 7.2.2 by @dependabot in #3266
  • fix: rename expat checker by @ffontaine in #3256
  • feat: epss percentile filter by @Rexbeast2 in #3244
  • docs: basic architecture by @Rexbeast2 in #3240
  • feat: use cveb.in mirror by default by @b31ngd3v in #3265
  • chore: update checkers table by @github-actions in #3237
  • chore: update SBOM for Python 3.8 by @github-actions in #3271
  • chore: update SBOM for Python 3.10 by @github-actions in #3270
  • chore: update SBOM for Python 3.11 by @github-actions in #3269
  • chore: update SBOM for Python 3.9 by @github-actions in #3268
  • fix: probability word spellling by @0o001 in #3274
  • ci: use cveb.in mirror in cve-bin-tool-action by @b31ngd3v in #3282
  • fix: spelling issue by @ffontaine in #3281
  • docs: cve-bin-tool-action links & instructions by @b31ngd3v in #3276
  • chore(deps): bump sphinx from 7.2.2 to 7.2.3 in /doc by @dependabot in #3280
  • feat: add CPE summary (without latest stable release) by @ffontaine in #3277
  • feat: adding EPSS probability filter by @Rexbeast2 in #3273
  • chore: update pre-commit and fix linter errors by @metabiswadeep in #3308
  • fix: fix products with no identified vulnerabilities by @ffontaine in #3300
  • feat: sort CPE summary by @ffontaine in #3316
  • chore: update pre-commit config by @github-actions in #3302
  • feat(checker): add GNU grep by @ffontaine in #3294
  • feat(checker): add terminology checker by @ffontaine in #3295
  • fix: add additional openssh CPE ID by @ffontaine in #3291
  • fix: add additional iperf3 CPE ID by @ffontaine in #3290
  • feat(checker): add ed checker by @ffontaine in #3296
  • chore: update SBOM for Python 3.10 by @github-actions in #3311
  • docs: updated version of cycloneDX #3272 by @kumaryogesh17 in #3285
  • feat(checker): add gdal checker by @ffontaine in #3297
  • chore: update SBOM for Python 3.9 by @github-actions in #3312
  • chore: update SBOM for Python 3.8 by @github-actions in #3310
  • chore: update SBOM for Python 3.11 by @github-actions in #3309
  • chore(deps-dev): bump pre-commit from 3.3.3 to 3.4.0 by @dependabot in #3314
  • ci: switch to a faster Black mirror by @Molkree in #3342
  • chore(deps): bump github/codeql-action from 2.21.4 to 2.21.7 by @dependabot in #3341
  • chore: update SBOM for Python 3.10 by @github-actions in #3346
  • chore: update SBOM for Python 3.9 by @github-actions in #3345
  • chore: update SBOM for Python 3.8 by @github-actions in #3344
  • chore: update SBOM for Python 3.11 by @github-actions in #3343
  • chore(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0 by @dependabot in #3319
  • chore(deps): bump actions/cache from 3.3.1 to 3.3.2 by @dependabot in #3320
  • chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3318
  • chore: update checkers table by @github-actions in #3324
  • fixed : #3347 by @r0ckYr in #3350
  • chore(deps): bump actions/checkout from 3.5.3 to 4.0.0 by @dependabot in #3315
  • feat(checker): add hwloc checker by @ffontaine in #3340
  • chore(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in #3352
  • chore: update checkers table by @github-actions in #3351
  • ci: Remove dependabot ignores by @terriko in #3348
  • feat(checker): add civetweb checker by @ffontaine in #3298
  • feat(checker): add qpdf checker by @ffontaine in #3299
  • feat(checker): add mpg123 checker by @ffontaine in #3301
  • feat(checker): add minetest checker by @ffontaine in #3303
  • feat(checker): add rpm checker by @ffontaine in #3304
  • feat(checker): add mupdf checker by @ffontaine in #3305
  • feat(checker): add axel checker by @ffontaine in #3306
  • feat(checker): add monit checker by @ffontaine in #3307
  • fix: mypy-errors in helper_script.py (#2763) by @Tengas in #2873
  • docs: specify docs build.os by @terriko in #3349
  • chore: update checkers table by @github-actions in #3354
  • chore(deps): bump sphinx from 7.2.3 to 7.2.6 in /doc by @dependabot in #3338
  • chore: update SBOM for Python 3.9 by @github-actions in #3358
  • chore: update SBOM for Python 3.10 by @github-actions in #3357
  • chore: update SBOM for Python 3.8 by @github-actions in #3356
  • chore: update SBOM for Python 3.11 by @github-actions in #3355
  • chore(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in #3363
  • chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #3359
  • feat(checker): extended BindChecker by @sw-sdiepold in #3353
  • test: improve flaky java language scanner test by @terriko in #3362
  • chore: update SBOM for Python 3.9 by @github-actions in #3371
  • chore: update SBOM for Python 3.11 by @github-actions in #3370
  • chore: update SBOM for Python 3.10 by @github-actions in #3369
  • chore: update SBOM for Python 3.8 by @github-actions in #3368
  • chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 by @dependabot in #3375
  • chore(deps): bump step-security/harden-runner from 2.5.1 to 2.6.0 by @dependabot in #3376
  • docs: Add missing docstrings fetch_json_db.py by @Niloth-p in #3381
  • Fix : add missing docstrings to package_list_parser.py #3377 by @Swarno-Coder in #3382
  • ci: add conditional execution for SBOM workflow on the main repository. by @rudrakshkarpe in #3389
  • feat: Add purl support for SBOMs by @anthonyharrison in #3373
  • chore: update SBOM for Python 3.9 by @github-actions in #3402
  • chore: update SBOM for Python 3.10 by @github-actions in #3401
  • chore: update SBOM for Python 3.8 by @github-actions in #3400
  • chore: update SBOM for Python 3.11 by @github-actions in #3399
  • feat(checker): add dosfstools by @sw-sdiepold in #3391
  • feat(checker): add debianutils by @sw-sdiepold in #3390
  • docs: add missing docstrings to cvedb.py by @reginareynolds in #3392
  • feat(checker): gawk checker by @sw-sdiepold in #3395
  • feat(checker): enhance e2fsprogs by @sw-sdiepold in #3396
  • feat(checker): add twonky_server by @ffontaine in #3408
  • chore(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3403
  • chore(deps): bump github/codeql-action from 2.21.9 to 2.22.1 by @dependabot in #3406
  • chore(deps): bump stefanzweifel/git-auto-commit-action from 4.16.0 to 5.0.0 by @dependabot in #3404
  • docs: add missing docstrings to cli.py by @bkpecho in #3387
  • docs: add missing docstrings to log.py #3383 by @NabhiA in #3388
  • fix: improve hostapd checker by @ffontaine in #3413
  • fix: improve tcpdump checker by @ffontaine in #3414
  • chore: update checkers table by @github-actions in #3411
  • feat: fuzz testing PythonRequirementsParser by @raffifu in #3397
  • fix: improve samba checker by @ffontaine in #3426
  • chore: update SBOM for Python 3.10 by @github-actions in #3424
  • chore: update SBOM for Python 3.8 by @github-actions in #3423
  • chore: update SBOM for Python 3.11 by @github-actions in #3421
  • chore: update SBOM for Python 3.9 by @github-actions in #3422
  • chore(deps): bump github/codeql-action from 2.22.1 to 2.22.3 by @dependabot in #3427
  • feat: add latest upstream stable version in CPE summary by @ffontaine in #3267
  • ci: Add condition to skip job when PR author is Bot by @raffifu in #3433
  • chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3432
  • updating docstring with formatted with black. requesting new PR for version_scanner.py by @rabroldan in #3429
  • docs: streamline readme file and reorg docs by @terriko in #3438
  • ci: Remove unused update_database workflow by @raffifu in #3439
  • feat: fuzz testing for JavaScript language parser by @raffifu in #3440
  • fix: pre-commit-config file by @mastersans in #3441
  • fix: do not hardcode console width by @ffontaine in #3451
  • chore(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in #3450
  • docs: add missing docstrings to async_utils.py by @Kaito117 in #3442
  • feat: fuzz testing for GoModParser by @mastersans in #3434
  • test: add non-debian based test for dosfstools in #3444
  • chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3458
  • chore: update SBOM for Python 3.8 by @github-actions in #3449
  • fix: Consistency of EPSS reporting (fixes #3461) by @anthonyharrison in #3462
  • chore: update SBOM for Python 3.9 by @github-actions in #3448
  • chore: update SBOM for Python 3.10 by @github-actions in #3447
  • ci: github actions for fuzz testing by @mastersans in #3467
  • docs: added missing GAD_Source docstrings by @pbelokon in #3469
  • test: re-enable test_SBOM in test_cli.py by @Anurag-Nagpal in #3474
  • ci: skip running tests on bot-generated sboms by @terriko in #3468
  • feat(checker): add zchunk by @ffontaine in #3481
  • chore: update SBOM for Python 3.9 by @github-actions in #3484
  • chore: update SBOM for Python 3.10 by @github-actions in #3483
  • chore: update SBOM for Python 3.11 by @github-actions in #3446
  • chore: update SBOM for Python 3.8 by @github-actions in #3485
  • feat: fuzz testing RustParser by @mastersans in #3479
  • test: add non-debian based tests for gawk by @donheshanthaka in #3482
  • Update cve_scan.yml by @CrypticRevenger in #3492
  • Testing CVE-Bin-Tool with Python 3.12 on Github by @Ferdinand-Ogama in #3445
  • fix: Added None checks for parsed purls (fixes #3478) by @weichslgartner in #3490
  • Ci: Change workflows to use python 3.11 by @Virtual4087 in #3496
  • chore: add interrogate to linters called by pre-commit by @ha36d in #3491
  • chore(deps): bump actions/setup-python from 2 to 4 by @dependabot in #3472
  • chore(deps-dev): bump mypy from v1.5.1 to 1.6.1 by @dependabot in #3435
  • chore(deps-dev): bump pre-commit from 3.4.0 to 3.5.0 by @dependabot in #3425
  • chore(deps): bump actions/checkout from 2 to 4 by @dependabot in #3471
  • chore: update pre-commit config by @github-actions in #3365
  • chore(deps): bump github/codeql-action from 2.22.4 to 2.22.5 by @dependabot in #3486
  • docs: add missing docstrings to data_sources/gad_source.py #3466 by @shivam200446 in #3488
  • docs: add missing docstrings to output_engine/init.py by @AryanBakliwal in #3480
  • chore(deps): bump check-spelling/check-spelling from 0.0.21 to 0.0.22 by @dependabot in #3364
  • fix: KeyError in format_data function by @crazytrain328 in #3452
  • docs: add missing docstrings to data_sources/curl_source.py #3464 by @shivam200446 in #3489
  • test: enable package list by @crazytrain328 in #3506
  • chore(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.1 by @dependabot in #3507
  • feat(checker): add traceroute checker by @ffontaine in #3501
  • chore: update SBOM for Python 3.11 by @github-actions in #3505
  • chore: update SBOM for Python 3.10 by @github-actions in #3504
  • chore: update SBOM for Python 3.8 by @github-actions in #3503
  • chore: update SBOM for Python 3.9 by @github-actions in #3502
  • chore: update checkers table by @github-actions in #3509
  • chore(deps): bump actions/dependency-review-action from 3.1.1 to 3.1.2 by @dependabot in #3511
  • feat(console): sort CPE summary by product by @ffontaine in #3521
  • chore: update SBOM for Python 3.9 by @github-actions in #3518
  • chore: update SBOM for Python 3.8 by @github-actions in #3517
  • chore: update SBOM for Python 3.10 by @github-actions in #3516
  • chore: update SBOM for Python 3.11 by @github-actions in #3515
  • chore(deps): bump actions/dependency-review-action from 3.1.2 to 3.1.3 by @dependabot in #3522
  • feat: fuzz testing JavaParser by @crazytrain328 in #3514
  • chore(deps): bump github/codeql-action from 2.22.5 to 2.22.6 by @dependabot in #3523
  • fix: create new version comparison function by @terriko in #3470
  • fix: improve gdb checker by @ffontaine in #3520
  • chore(deps): bump conda-incubator/setup-miniconda from 2.2.0 to 2.3.0 by @dependabot in #3534
  • chore(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1 by @dependabot in #3526
  • chore: update SBOM for Python 3.8 by @github-actions in #3531
  • chore: update SBOM for Python 3.9 by @github-actions in #3530
  • chore: update SBOM for Python 3.11 by @github-actions in #3529
  • chore: update SBOM for Python 3.10 by @github-actions in #3528
  • fix: Use of NVD api 2.0 (fixes #3541) by @anthonyharrison in #3544

New Contributors

Full Changelog: v3.2.1...v3.3.a0

Don't miss a new cve-bin-tool release

NewReleases is sending notifications on new releases.