From 14569ef525d1b8712e7c0312e18daa66aa33498c Mon Sep 17 00:00:00 2001 From: ved pawar <85354558+vedpawar2254@users.noreply.github.com> Date: Wed, 25 Dec 2024 00:07:01 +0530 Subject: [PATCH 1/2] docs: Improved alt-text in Architecture & Metrics in Manual.md Fixes #4604, improved alt-text in Architecture and Metrics --- doc/MANUAL.md | 73 ++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 63 insertions(+), 10 deletions(-) diff --git a/doc/MANUAL.md b/doc/MANUAL.md index 1d574f6f46..69a738b2e3 100644 --- a/doc/MANUAL.md +++ b/doc/MANUAL.md 
@@ -584,25 +584,25 @@ EPSS bridges this gap by incorporating up-to-date threat information from CVE an - Console -![console table](images/metric/console_table.png) +![Console output showing a table with columns for CVE Number, Severity, EPSS Score, and Exploitability, listing vulnerabilities found by the CVE Binary Tool. The table includes rows with specific CVE details, their associated severity levels, EPSS scores indicating the likelihood of exploitation, and exploitability status.](images/metric/console_table.png) -![console metric table](images/metric/metric_table.png) +![Console output showing a table with columns for CVE Number, Severity, EPSS Score, and Exploitability, listing vulnerabilities found by the CVE Binary Tool. The table includes rows with specific CVE details, their associated severity levels, EPSS scores indicating the likelihood of exploitation, and exploitability status.](images/metric/console_table.png) - HTML -![HTML metric table](images/metric/HTML.png) +![HTML output showing a table with columns for CVE Number, Severity, EPSS Score, and Exploitability, listing vulnerabilities found by the CVE Binary Tool. The table includes rows with specific CVE details, their associated severity levels, EPSS scores indicating the likelihood of exploitation, and exploitability status.](images/metric/HTML.png) - PDF - -![PDF metric table](images/metric/PDF.png) + +![PDF output showing a table with columns for CVE Number, Severity, EPSS Score, and Exploitability, listing vulnerabilities found by the CVE Binary Tool. The table includes rows with specific CVE details, their associated severity levels, EPSS scores indicating the likelihood of exploitation, and exploitability status.](images/metric/PDF.png) - CSV -![CSV metric table](images/metric/CSV.png) +![CSV output showing a table with columns for CVE Number, Severity, EPSS Score, and Exploitability, listing vulnerabilities found by the CVE Binary Tool. 
The table includes rows with specific CVE details, their associated severity levels, EPSS scores indicating the likelihood of exploitation, and exploitability status.](images/metric/CSV.png) - JSON -![JSON metric table](images/metric/JSON.png) +![JSON output showing a table with columns for CVE Number, Severity, EPSS Score, and Exploitability, listing vulnerabilities found by the CVE Binary Tool. The table includes rows with specific CVE details, their associated severity levels, EPSS scores indicating the likelihood of exploitation, and exploitability status.](images/metric/JSON.png) - JSON2 @@ -1163,15 +1163,68 @@ haxx,curl,7.34.0,CVE-2014-0139,MEDIUM,Unexplored, 4. `--format html` - creates a report in html format according to the specified HTML theme. -![image](images/html_preview.png) +
+ cve-bin-tool: Report Generated: 2022-07-27
+    CVE Summary:
+    Severity, Count
+    CRITICAL, 12
+    HIGH, 18
+    MEDIUM, 15
+    LOW, 4
+    CVE Remarks:
+    Remark, Count
+    NEW, 26
+    CONFIRMED, 3
+    MITIGATED, 4
+    UNEXPLORED, 16
+    IGNORED, 0
+    Scanned Files:
+    Vulnerable Files: 6
+    No Known Vulnerabilities: 0
+    Product CVEs:
+    Product, Version, CVE Count
+    haxx-curl, 7.59.0, 25
+    haxx-libcurl, 7.59.0, 10
+    mit-kerberos, 5-1.15.1, 8
+    libjpeg-turbo, 2.0.1, 2
+    ssh-ssh2, 2.0, 1 +
formated HTML report
+
The unexplored and new CVEs will be highlighted, it will look something like this: -![image](images/html_highlight.png) +
+ cve-bin-tool: Report 
+    Vendor, Product, Version, CVE count, 
+    libjpeg-turbo, libjpeg-turbo, 2.0.1, 4,
+    haxx, curl, 7.59.0, 26,
+    haxx, libcurl, 7.59.0, 10,
+    mit, kerberos_5, 5-1.15.1, 2,
+    mit, kerberos, 1.15.1, 3,
+    sun, sunos, 5.4, 127,
+    ssh, ssh2, 2.0, 4 +
formated HTML report
+
You can also filter scanned products by remark: -![image](images/html_filter.png) +
+ cve-bin-tool: filtered report
+    all,new,confirmed,mitigated,unexplored,ignored
+    filtered by remark: unexplored
+    Vendor, Product, Version, CVE count, 
+    libjpeg-turbo, libjpeg-turbo, 2.0.1, 4,
+    haxx, libcurl, 7.59.0, 10,
+    mit, kerberos, 1.15.1, 3,
+    +
formated HTML report
+
5. `--format pdf` - creates a report in PDF format. From cec28723717d10190b46cfb14d12a48a2b44a25f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 24 Dec 2024 10:38:03 -0800 Subject: [PATCH 2/2] chore(deps): bump actions/upload-artifact from 4.4.0 to 4.5.0 (#4645) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/50769540e7f4bd5e21e526ee35c689e35e0d6874...6f51ac03b9356f520e9adb1b1b7802705f340c2b) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/update-js-dependencies.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-js-dependencies.yml b/.github/workflows/update-js-dependencies.yml index 950b74f967..f9b22078ef 100644 --- a/.github/workflows/update-js-dependencies.yml +++ b/.github/workflows/update-js-dependencies.yml @@ -73,7 +73,7 @@ jobs: output_html(TestOutputEngine.MOCK_OUTPUT, None, "", "", "", 3, 3, 0, None, None, open("test.html", "w"))' - name: Upload mock report - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: HTML report path: test.html
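Review bot: In the doc/MANUAL.md hunk at @@ -584, the second Console image line changes the image target as well as the alt text: `images/metric/metric_table.png` becomes `images/metric/console_table.png`, so the metric table screenshot is no longer referenced and the console table is shown twice. Restore the original path on that line. The same sentence is also reused as alt text for the Console, HTML, PDF, CSV and JSON images with only the first word changed; a short description specific to each screenshot would be more useful to screen-reader users than repeated near-identical paragraphs.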
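Review bot: In the doc/MANUAL.md hunk at @@ -1163, the three `![image](images/html_*.png)` lines are deleted and replaced with unindented body text, so html_preview.png, html_highlight.png and html_filter.png disappear from the manual instead of gaining alt text, and the transcribed report rows sit as loose prose between numbered items 4 and 5. Keep each image and put a concise description in its alt text, for example `![HTML report summary showing CVE counts by severity and by remark](images/html_preview.png)`; if the full transcription is wanted, add it as an indented block under item 4. The caption "formated HTML report" is misspelled ("formatted") and repeated three times, and this section is outside the "Architecture & Metrics" scope named in the commit subject.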
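Review bot: The .github/workflows/update-js-dependencies.yml hunk (PATCH 2/2) is a dependabot bump of actions/upload-artifact that references #4645 and has a different author, so it looks like a commit picked up from the base branch, not part of the fix for #4604; rebase so the series contains only the MANUAL.md commit. The pin itself needs no change: the full commit SHA `6f51ac03b9356f520e9adb1b1b7802705f340c2b` with the `# v4.5.0` comment matches the end of the compare range quoted in the commit message.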