-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FP]: python prometheus_client popping CVE for prometheus server #6488
Comments
Hello, |
@Nitish1210 which version are you on? I believe this was fixed https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md#version-9010-2024-03-15 |
Then why this issue not closed yet? |
Also for me, the following package is causing the problem. References: Vulnerability CVE-2019-3826 |
You would need to put in a PR for that specific CVE. |
@jsch-adt you mean, i need to create new issue in this repo for the package i am getting alerts? |
Yes, added to the previous change for the other CVEs. |
Package URl
pkg:pypi/prometheus-client@0.20.0
CPE
cpe:2.3:a:prometheus:prometheus:0.20.0:*:*:*:*:*:*:*
CVE
CVE-2019-3826
ODC Integration
{"label"=>"CLI"}
ODC Version
9.0.8
Description
CVE is for the Prometheus server, while prometheus_client is a python library.
The text was updated successfully, but these errors were encountered: