vulnerabilities

I note that there is a check whether the cluster is deployed into Azure Cloud .. see below.

I don't have a problem with that per se except that in a corporate environment I don't want to request a proxy whitelist exception with my CISO for an endpoint that we have no use for (http://www.azurespeed.com). Moreover, whilst this test will eventually timeout and the checks resume, it delays the pro

Context

• This is part of release-1.5 #148
• MEDIUM priority task

Tasks

• Remove dependency bcrypt-nodejs in package.json
• Add dependency bcrypt in package.json
• Migrate file app/data/user-dao.js to bcrypt
• Validate the instalation with the local test
• Add and submit the chang

Is this a request for help?: Yes

Is this a BUG REPORT or a FEATURE REQUEST? (choose one): FEATURE REQUEST

Can we add a option to allow the engine update vulnerabilities database through specific proxy ser

Current Behavior:

When viewing vulns in the Audit Vulnerabilities tab. the Analysis column appears to contain code (enum?) names, e.g. NOT_SET, FALSE_POSITIVE. This problem also occurs in Policy Violations tab.

Steps to Reproduce:

Open the Audit Vulnerabilities tab.

Expected Behavior:

The Analysis column contains language specific analysis values, e.g. Not Set, False Positive

Expected Behavior

Handle a bad object ID.

Actual Behavior

If a user changes the ID of a vendor or a product ID during subscription a 500 response is raised.

Steps to Reproduce the Problem

• list the CVEs of a vendor or a product
• open the browser inspector
• change the ID of the vendor or product
• click on the subscribe button

Specifications

• OpenCVE ve