OSSIndex/vulns

Issues

• SLF4JServiceProvider in log4J-SLf4j18-IMPL 2.0 does not implement the getRequestedApiVersion method

  #292 opened 2 years ago by shine620
  2

• CVE-2020-14359 false positive

  #286 opened 2 years ago by bovy89
  3

• Missing CWE-185 for Moment.js

  #310 opened 2 years ago by ashwinmayils
  2

• Incorrect vulnerability details for Ansible in Pypi CVE-2021-3447

  #311 opened 2 years ago by janlaan
  3

• Missing Vulnerable information

  #312 opened 2 years ago by VASAVI512
  3

• Bug: `node-canvas` Incorrect vulnerability details

  #326 opened 2 years ago by vladmandic
  1

• sonatype-2014-0038 shelljs false positive

  #329 opened 2 years ago by asbrum
  1

• Incorrect vulnerability details - CVE-2015-5162 & CVE-2021-3563

  #330 opened 2 years ago by l-martin-l
  1

• Incorrect vulnerability details - Django v4.1.x is not vulnerable to CVE-2022-34265

  #332 opened 2 years ago by rylyade1
  1

• CVEs are REJECTed in NVD and should be removed

  #333 opened 2 years ago by flemminglau
  2

• Incorrect vulnerability details pysaml2

  #334 opened 2 years ago by Shortfinga
  1

• Missing CVE-2021-20323 for keycloak-core:15

  #317 opened 2 years ago by trash-80
  3

• Bug: https://ossindex.sonatype.org/vulnerability/sonatype-2016-0026

  #313 opened 2 years ago by bdemers
  3

• Bug: https://ossindex.sonatype.org/vulnerability/CVE-2020-36204 (Incorrect vulnerability details)

  #314 opened 2 years ago by janpio
  4

• Missing Advisory: CVE-2022-24329 for Kotlin

  #315 opened 2 years ago by estebanhiguitad
  2

• Bug: https://ossindex.sonatype.org/vulnerability/CVE-2019-0820?component-type=nuget&component-name=System.Text.RegularExpressions

  #320 opened 2 years ago by joacimsvensson
  2

• Incorrect vulnerability details for CVE-2022-2053

  #321 opened 2 years ago by aikebah
  3

• False positive CVE reported for Pypi package ansible-core

  #323 opened 2 years ago by p3pijn
  3

• Incorrect vulnerability details for sonatype-2022-4070 (does not apply to yaml.v2)

  #322 opened 2 years ago by heyLu
  5

• Missing vulnerability details - styled-components - sonatype-2022-2249

  #331 opened 2 years ago by albertwangnz
  5

• Bug: https://ossindex.sonatype.org/vulnerability/sonatype-2017-0348

  #316 opened 2 years ago by albertwangnz
  9

• Incorrect vulnerability details - SnakeYAML CVE-2022-38752 (affected versions)

  #328 opened 2 years ago by albertwangnz
  13

• Incorrect vulnerability details - SnakeYAML CVE-2022-38751 (affected versions)

  #327 opened 2 years ago by chadlwilson
  2

• Incorrect vulnerability details ActiveMQ vs Artemis

  #307 opened 2 years ago by urld
  5

• Incorrect vulnerability details

  #295 opened 2 years ago by lostunicorn
  3

• False positive CVEs reported for Ruby on Rails version 7.0.3.1 component activerecord

  #325 opened 2 years ago by arudinskis
  0

• Missing CVE-2021-3629 on undertow

  #324 opened 2 years ago by flemminglau
  0

• False positive on pandas 1.3.3 - CVE-2020-13091

  #302 opened 2 years ago by bahrb
  4

• Incorrect versions in vulnerability

  #319 opened 2 years ago by davecramer
  1

• Incorrect vulnerability details for CVE-2022-2596

  #318 opened 2 years ago by nicodemoraffaele
  1

• Bug: CVE-2019-20478 false positive on latest version of ruamel.yaml

  #290 opened 2 years ago by gcradden
  2

• jQuery on NuGet-feed has incorrect vulnerability

  #289 opened 2 years ago by mattiaskagstrom
  3

• Incorrect vulnerability details for cytoscape (npm)

  #288 opened 2 years ago by jimivdw
  2

• Incorrect vulnerability details

  #287 opened 2 years ago by pwagland
  3

• Incorrect vulnerability details: CVE-2020-25658 python-rsa

  #301 opened 2 years ago by Shortfinga
  2

• Is there a wrong message about "Microsoft.IdentityModel:7.0.0"?

  #297 opened 2 years ago by NPC-RX
  2

• Incorrect vulnerability details: CVE-2021-0341 - com.squareup.okhttp3:okhttp

  #296 opened 2 years ago by bykes
  3

• False positive/negative CVE-2020-17495 django-celery-results

  #304 opened 2 years ago by elastic-pangolin
  2

• jQuery.Validation sonatype-2022-3016 already fixed in 1.19.4

  #293 opened 2 years ago by henryzhao95
  2

• Possibly incorrect vulnerability details for spring-web 5.3.21 - [CVE-2016-1000027] CWE-502: Deserialization of Untrusted Data (9.8)

  #309 opened 2 years ago by carlosromero68
  2

• Incorrect vulnerability details for CVE-2018-18928 icu4j

  #306 opened 2 years ago by urld
  2

• Incorrect vulnerability details

  #303 opened 2 years ago by revoltek-daniel
  2

• Incorrect vulnerability details CVE-2022-2191

  #308 opened 2 years ago by msymons
  6

• Incorrect vulnerability details

  #305 opened 2 years ago by martin-traverse
  3

• Incorrect flagging SQL injection in DeveloperForce, a web client library

  #298 opened 2 years ago by JettJones
  1

• sonatype-2020-1324 is not a vulnerability

  #299 opened 2 years ago by msymons
  5

• Bug: sonatype-2022-2100

  #300 opened 2 years ago by lukaseder
  2

• Bug: Incorrect vulnerability details for Google Guava

  #285 opened 2 years ago by wjglerum
  3

• CVE-2022-1214 is reported while that CVE has been rejected

  #291 opened 2 years ago by janlaan
  1

• Missing all Open Liberty vulnerabilities

  #294 opened 2 years ago by Kiiv
  1