Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False positives CVE-2021-27478 CVE-2021-27482 CVE-2021-27498 CVE-2021-27500 EIPStackGroup OpENer EtherNet/IP project matching npm opener package #231

Open
GoodOwl opened this issue Mar 6, 2025 · 0 comments
Open

False positives CVE-2021-27478 CVE-2021-27482 CVE-2021-27498 CVE-2021-27500 EIPStackGroup OpENer EtherNet/IP project matching npm opener package #231

GoodOwl opened this issue Mar 6, 2025 · 0 comments

Comments

@GoodOwl
Copy link

GoodOwl commented Mar 6, 2025

Describe the bug
One of the dependencies of the project is opener . When scanning our repository we get false positive on EIPStackGroup OpENer EtherNet/IP project.

Code Reproduce
Link to repo where the issue can reliably be reproduced:

Expected behavior
That opener:1.5.2 won't be accused of having vulnerabilities

Screenshots
If applicable, add screenshots to help explain your problem.

Environment (please complete the following information):

  • Platform - Linux
  • mochawesome version - 7.1.3
  • mocha (or other test library) version - 10.3.0
  • Node version - v18.20.3

Additional context
If it helps, the guys from the opener package have this mismatch issue mentioned here - domenic/opener#37
and grype had the same issue - anchore/grype#932
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoodOwl