Skip to main content

Changes in Update Released between 20-Oct-2020 to 11-Mar-2021

This Update includes the changes described in the following sections.

Issues/Bugs Addressed

The following issues were addressed in the Update:

Issue IDIssue Summary
SCA-27739False Positives when scanned Oracle OpenJDK
SCA-28603Unable to find a component that is identified as first level dependency
SCA-26834Sun (Restricted) and Sun-IP Licenses not detected
SCA-29523License discrepancy for CURL component
SCA-27024Gnutls component missing vulnerabilities, versions and wrong url
SCA-30866Hdf5 license (ID: 1224) is not correct
SCA-30797Incorrect Licensing Detection for Microsoft .Net
SCA-30525Component gpg-gnupg missing encryption flag
SCA-27722Incorrect vulnerabilities matched with component versions for Rust
SCA-32271PDL_VULNERABILITY table is empty in the latest PDL update
SCA-33031BOM: Discrepancies due to search term rule basics-vector

New Component Detection Rules

  • Setup.js

  • MD% algorithm class library

  • PhantomJs

  • Cefsharp

  • Virtual-dom v2.1.1

  • Named-js-regexp

  • MarkupSafe

  • OCHamcrest

  • OCMockito

  • Libsrtp

  • Ans_up

  • HockeySDK

  • Aimage

  • Ua-parser-js v0.7.10.

  • Autofac.Wcf

  • Vector.js

  • Untildify v3.0.2

  • Post-robot v7.0.15.

  • Axios

  • JSONTestSuite

  • Rpc-server.js

New Features Incorporated

The following new features were incorporated:

Issue IDIssue Summary
SCA-26848CVSS 3.1 - Data Collection
SCA-26808Add Vulnerability dates to PDL tables
SCA-26181Component CPE Mapping

New Component Requests Released

  • Isc bind

  • Canvas-toblob.js

  • Newrelic.opentracing.amazonlambda.tracer

  • Libepoxy

  • Tags

  • Json.net

  • Jquery-menu-aim-fw

  • Microsoft.appcenter for macos

  • Microsoft.appcenter.analytics for macos

  • Apache-apr

  • Cyan4973-lz4

  • Gnu-screen

  • Jamesflorentino-nanoscrollerjs

  • Mtd-utils

  • Npth

  • Pam

  • Eeepc-acpi-scripts

  • Sharpziplib

  • Mahapps.metro.simplechildwindow - nuget gallery

  • Wpfnotification - nuget gallery

  • Microsoft-windowsapicodepack-shellextensions - nuget gallery

  • Controlzex/controlzex - github

  • Mahapps.metro.iconpacks - nuget gallery

  • Mvvmlight - nuget gallery

  • Ini-parser - nuget gallery

  • Mahapps/mahapps.metro - github

  • Angular/angular-cli - github

  • System.data.sqlite.core - nuget gallery

  • System.data.sqlite.ef6.migrations - nuget gallery

  • Microsoft asp.net mvc 4 (***deprecated***)

  • Wxwindows library license

  • Wxwidgets

  • Karma-runner karma

  • Openssh - in c

  • Base-passwd

  • Init-ifupdown

  • Procps

  • Binutils

  • 7-zip

  • Kmod

  • Matplotlib

  • Scons - a software construction tool - scons

  • Tagish library

  • Qos-ch-slf4j

  • Flex - lexical scanner generator

  • Application insights persisted http channel

  • Cairo-pixman

  • Flat_hash_map

  • Fontconfig

  • Free type

  • Gnutls library

  • Tianmajs/libm - github

  • Libsoup

  • Microsoft.applicationinsights - nuget gallery

  • Slodge/mvvmcross - github

  • Pdfsharp - nuget gallery

  • Sharppdf

  • Twain data source manager

  • Twain sample data source and application - twain 2.0 sample data source

  • Windows driver kit (wdk) 8.0 samples for visual studio 2012

  • Microsoft/windows-universal-samples - github

  • Html agility pack

  • Microsoft.extensions.caching.abstractions

  • Microsoft.extensions.caching.memory

  • Microsoft.extensions.dependencyinjection.abstractions

  • Microsoft.extensions.options

  • Microsoft.extensions.primitives

  • Microsoft.netcore.platforms

  • System.componentmodel.annotations

  • System.runtime.compilerservices.unsafe

  • System.security.cryptography.xml

  • Microsoft.owin

  • Microsoft.owin.host.systemweb

  • Microsoft.owin.security

  • Mimemapping

  • Nconfiguration

  • Nlog

  • Nuget.commandline

  • Nunit

  • Restsharp

  • Closedxml

  • Apache cxf buildtools

  • Apache neethi

  • Weblinc-matchmedia

  • Twain/twain-dsm

  • Twain-twain-samples

  • Windows driver kit (wdk) 8.0 samples for visual studio 2012