  1. OSS Index Vulnerabilities
  2. OSSIPUB-25

Nexus IQ scan of C type repositories


    Details

    • Type: Bug
    • Status: To Do
    • Priority: Major
    • Resolution: Unresolved
    • Labels:

      Description

      We are leveraging Nexus IQ to perform a cursory security scan of open source software that enters our ecosystem, including developer tools. We have gotten a few requests for C-based software and would like to scan it. From the documentation page, it only covers builds managed by Conan. Is there any guidance for evaluating C applications for issues?

      For example, we are scanning PuTTY (https://git.tartarus.org/?p=simon/putty.git). After cloning the repository, what are the next steps to properly scan it?

            People

            Assignee:
            Unassigned
            Reporter:
            marc.priolo@cnb.com Marc Priolo