Uploaded image for project: 'WINDUP - Red Hat Application Migration Toolkit'
  1. WINDUP - Red Hat Application Migration Toolkit
  2. WINDUP-355

Rules request: Report artifacts/jars that contain security vulnerabilities; use Victi.ms

    XMLWordPrintable

Details

    Description

      The artifacts or jars that contain security vulnerabilities should be reported.

      We could use up-to-date data from http://victi.ms/ .

      We could also use md5 hash to reverse search the artifacts G:A:V from Maven index:
      https://github.com/cstamas/maven-indexer-examples

      About: https://securityblog.redhat.com/tag/victi-ms/

      CVE: http://cve.mitre.org/

      Attachments

        Issue Links

          is related to

          Task - Represents a small unit of work that is not end-user facing. WINDUP-1030 Move the Victims addon to Windup core

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Dev Complete

          Task - Represents a small unit of work that is not end-user facing. WINDUP-366 Quickstart: Exampe Java rule with custom action, using custom dependency

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Dev Complete

          Activity

            People

              ozizka_jira Ondrej Zizka (Inactive)
              ozizka_jira Ondrej Zizka (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: