Workflow

Vunnel

Latest version: v0.22.2

Safety actively analyzes 625786 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 9

0.18.5

Bug Fixes

- improve the ubuntu provider to emit vuln rows for out of support entries [[477](https://github.com/anchore/vunnel/pull/477) westonsteimel]

**[(Full Changelog)](https://github.com/anchore/vunnel/compare/v0.18.4...v0.18.5)**

0.18.4

Bug Fixes

- Check download digest of rhel oval files [[462](https://github.com/anchore/vunnel/pull/462) wagoodman]

Additional Changes

- change dependabot to auto-approve only [[458](https://github.com/anchore/vunnel/pull/458) willmurphyscode]

**[(Full Changelog)](https://github.com/anchore/vunnel/compare/v0.18.3...v0.18.4)**

0.18.3

Additional Changes

- disable auto merging of dependabot PRs [[456](https://github.com/anchore/vunnel/pull/456) westonsteimel]
- Bump urllib3 from 2.0.5 to 2.0.7 (454)
- Bump jinja2 from 3.1.2 to 3.1.3 (455)

**[(Full Changelog)](https://github.com/anchore/vunnel/compare/v0.18.2...v0.18.3)**

0.18.2

Bug Fixes

- update vulnerability urls [[451](https://github.com/anchore/vunnel/pull/451) westonsteimel]

Additional changes
- hard-code severity for debian CVE-2023-44487 to inherit NVD severity [[448](https://github.com/anchore/vunnel/pull/448) willmurphyscode]

**[(Full Changelog)](https://github.com/anchore/vunnel/compare/v0.18.1...v0.18.2)**

0.18.1

Bug Fixes

- Redhat `package_name` with `/` do not always reference modules [[443](https://github.com/anchore/vunnel/issues/443) [#444](https://github.com/anchore/vunnel/pull/444) westonsteimel]

**[(Full Changelog)](https://github.com/anchore/vunnel/compare/v0.18.0...v0.18.1)**

0.18.0

Added Features

- extract description from Oracle Security Advisories [[437](https://github.com/anchore/vunnel/pull/437) westonsteimel]

Bug Fixes

- Alleviate RHEL provider CVE-list race condition [[438](https://github.com/anchore/vunnel/pull/438) wagoodman]

Additional Changes

- Load all schema url refs for offline validation [[436](https://github.com/anchore/vunnel/pull/436) wagoodman]
- Check PR author login, instead of actor [[434](https://github.com/anchore/vunnel/pull/434) willmurphyscode]
- Update dependabot-auto-merge to cancel itself on human push [[432](https://github.com/anchore/vunnel/pull/432) willmurphyscode]

**[(Full Changelog)](https://github.com/anchore/vunnel/compare/v0.17.12...v0.18.0)**

Page 1 of 9

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.