vulnerabilities

What would you like to be added:

We can enrich the following subcommand by adding some details about the next update. For example, current db version, next db version, released datetime, is compatible, digest, etc.

$ grype db check
Update available!

Why is this needed:

For better UX and knowledge.

Additional context:

What happened

Evidence field doesn't show all the affected pods rather it shows only the count and only one pod details

• location: 127.0.0.1:10255
  vid: KHV044
  category: Privilege Escalation // Privileged container
  severity: high
  vulnerability: Privileged Container
  description: "A Privileged container exist on a node\n could expose the node/cluster
  \ to unwanted r

It seems that the link to A Roadmap for Node.js Security is dead. The proposed link on lirantal/awesome-nodejs-security#42 (comment) does work though. It might better be replaced in the documentation.

Context

• This is part of release-1.5 #148
• MEDIUM priority task

Tasks

• Remove dependency bcrypt-nodejs in package.json
• Add dependency bcrypt in package.json
• Migrate file app/data/user-dao.js to bcrypt
• Validate the instalation with the local test
• Add and submit the chang

Is this a request for help?: Yes

Is this a BUG REPORT or a FEATURE REQUEST? (choose one): FEATURE REQUEST

Can we add a option to allow the engine update vulnerabilities database through specific proxy ser

Current Behavior:

As identified in #1727, there may be multiple fields of CycloneDX BOMs that we currently don't ingest or display.

Proposed Behavior:

Assess DT's coverage of CycloneDX v1.4 fields and add support for ingesting and displaying missing fields.