google/osv.dev

Issues

• Automate submodule updates

  #2443 opened 3 months ago by andrewpollock
  2

• The importer does not honour ignore_patterns for REST sources

  #2436 opened 3 months ago by andrewpollock
  1

• Corrections Needed for Several Malware Attributions

  #2729 opened 23 days ago by behnazh-w
  4

• Missing `Packages` for some malicious packages

  #2422 opened 23 days ago by hogo6002
  1

• There was a mass withdrawal event on Oct 2, almost all recent vulnerabilities in GIT are incorrectly withdrawn

  #2704 opened 23 days ago by timothee-chauvin
  3

• DLA-3911-1, DLA-3912-1 missing in OSV.dev all.zip

  #2708 opened 23 days ago by WiTe0DeViL
  3

• List of Vulnerable functions for CVEs

  #2677 opened a month ago by rohitcoder
  6

• Vulns from REST sources may be missed due to timing

  #2670 opened a month ago by michaelkedar
  3

• Request appears to be getting rate-limited?

  #2680 opened a month ago by jimshowalter
  3

• Crucial bug: osv-scanner does not detect known malicious package in lockfiles

  #2407 opened 3 months ago by maaaaz
  11

• Invalidate `last_update_date` when source changes

  #2424 opened 3 months ago by oliverchang
  1

• Import container/helm vulnerabilities from ArtifactHub.io

  #2666 opened a month ago by taraspos
  1

• Improve CVE entry management in OSV

  #2465 opened 3 months ago by hogo6002
  28

• Solution hashes for a vulnerability lies in an external fork

  #2415 opened 3 months ago by yashrsharma44
  4

• Support git-lfs for git sources.

  #2647 opened a month ago by oliverchang
  3

• Commit analysis crashes on orphaned commits

  #2646 opened a month ago by andrewpollock
  0

• Ingest SUSE/openSUSE OSV advisories

  #2543 opened a month ago by oliverchang
  8

• Failed to enumerate versions for some Debian packages

  #2387 opened a month ago by hogo6002
  3

• Support API queries for non-enumerated ecosystems

  #2401 opened a month ago by hogo6002
  1

• Git analysis: relax branch computation

  #2404 opened 3 months ago by oliverchang
  1

• Redeploy `pypi` Cloud Function

  #2637 opened a month ago by michaelkedar
  0

• Missing PURL converters

  #2402 opened 3 months ago by michaelkedar
  3

• Combine all `not yet assigned` Debian Security Tracker issues into OSV

  #2482 opened 2 months ago by hogo6002
  0

• CVE resolution or recommendation as a seperate attribute in the output json

  #2522 opened 2 months ago by arupm2007
  7

• How to query the API for vulnerabilities in a Git repo?

  #2576 opened 2 months ago by thoughtpolice
  5

• Some "all.zip" files do not contain all files

  #2575 opened 2 months ago by martin-bpw
  2

• Evaluate and enable cherrypick detection for cve-osv

  #2577 opened 2 months ago by oliverchang
  1

• Always return the upstream aliases when no alias groups are generated

  #2374 opened 4 months ago by Moullisha
  13

• Data quality issue with https://osv.dev/vulnerability/PYSEC-2024-71

  #2568 opened 2 months ago by edufresne
  4

• Combine Alpine Security Issue Tracker into OSV

  #2567 opened 2 months ago by hogo6002
  1

• Need search API based on actual CVE not vendor internally maintained ID

  #2521 opened 2 months ago by arupm2007
  1

• Query API for Ubuntu `linux` packages

  #2478 opened 3 months ago by dodys
  7

• `Fix available` tags are not accurate when multiple ecosystems are combined together

  #2491 opened 2 months ago by hogo6002
  0

• CI/CD: Add GitHub Actions Workflow to validate Swagger documentation

  #2487 opened 2 months ago by andrewpollock
  0

• Missing CVSS_V4 Severity Type in osvSeverityType Enum in Swagger Definition

  #2485 opened 2 months ago by James-o-Howson
  0

• DSA-5649-1 missing in OSV.dev

  #2471 opened 3 months ago by RamvigneshPasupathy
  6

• Affected methods by a vulnerability

  #2468 opened 3 months ago by NordCoderd
  1

• Data quality issue with CVE-2024-38356 & CVE-2024-38357

  #2358 opened 4 months ago by tjdett
  2

• Data quality issue with GHSA-4943-9vgg-gr5r

  #2463 opened 3 months ago by italvi
  2

• Strange behaviour in PyPI versions

  #2455 opened 3 months ago by rtfpessoa
  7

• Sustainably ensure invalidly prefixed records are not imported

  #2433 opened 3 months ago by andrewpollock
  3

• Export an `all.zip` containing every vulnerability.

  #2423 opened 3 months ago by michaelkedar
  0

• CVSS severities are never validated

  #2369 opened 4 months ago by michaelkedar
  1

• Update Documentation Logos for Dark Theme Consistency

  #2413 opened 3 months ago by stvmachine
  0

• Missing fixed attribute in libucl bug

  #2353 opened 4 months ago by inferno-chromium
  14

• Data quality issue with GO-2024-2521

  #2389 opened 4 months ago by Itxaka
  4

• Data quality issue with PYSEC-2024-60

  #2390 opened 4 months ago by woodruffw
  2

• Data quality issue with CVE-2023-34055

  #2375 opened 4 months ago by Albertoimpl
  7

• Request vulnerability of multiple package in the same request

  #2380 opened 4 months ago by enzofrnt
  4

• Haskell GHC ecosystem enumeration broken

  #2367 opened 4 months ago by andrewpollock
  0