Skip to content

OWASP/cve-lite-cli

v1.17.1 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 12d Vulnerability Scanning
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

security cve javascript nodejs owasp security-tools

Summary

AI summary

Malicious advisory findings now surface a clear removal message across all output modes.

Full changelog

Fixed

  • Validated fix version now shown in the finding line and verbose table instead of the raw OSV hint, preventing confusing downgrade suggestions.
  • Malicious advisory findings (MAL-*) now surface a clear removal message across all output modes: inline hint in compact, ⚠ Malicious badge and removal legend in verbose, and ⚠ Malicious badge with tooltip in the HTML report.

Community Contributions

Thank you for @mcascone for reporting this issue.

Validation

  • npm test
  • npm run build
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track OWASP/cve-lite-cli

Get notified when new releases ship.

Sign up free

About OWASP/cve-lite-cli

All releases →

Related context

Beta — feedback welcome: [email protected]