github / advisory-database Public

Notifications
Fork 302
Star 1.6k

Code
Issues 45
Pull requests 57
Discussions
Actions
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Security
Insights

Issues: github/advisory-database

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

45 Open 114 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

NPM IP package warning overstates danger

#3537 opened Feb 14, 2024 by matkoniecz

List Perl as an environment

#3536 opened Feb 14, 2024 by briandfoy

arduino-ide-extension marked as malware

#3487 opened Feb 8, 2024 by rhaidiz

include advisories from Snyk

#3449 opened Jan 29, 2024 by alex-at-cascade

Inconsistent package identifier format for vulnerabilities in the Swift ecosystem

#3333 opened Jan 24, 2024 by fviernau

Repo specific advisories with CVE IDs don't make it into the global set

#3266 opened Jan 5, 2024 by joshbressers

GHSA-rjhf-4mh8-9xjq is a duplicate of GHSA-3mv5-343c-w2qg

#3085 opened Dec 19, 2023 by lukas-braune

Unable to improve advisory database for C / C++ packages

#2963 opened Nov 21, 2023 by mswilson

Does the advisory database cover other maven repositories?

#2900 opened Oct 31, 2023 by joshbressers

Need CVE auto-linking disambiguation to CVEs that belong to more than 1 project

#2869 opened Oct 19, 2023 by joakime

Extend GitHub's CNA scope

#2718 opened Sep 10, 2023 by Marcono1234

CONTRIBUTING.md references OSV schema while the actual repo/PR builds reject valid JSON

#2644 opened Aug 21, 2023 by daniel-beck

Support for zig packages in build.zig.zon

#2610 opened Aug 9, 2023 by figsoda

Why not every CVE collected in GHSA?

#2451 opened Jun 25, 2023 by JustinB1eber

Package vs module for go advisories

#2224 opened May 5, 2023 by ArthurBrillant

Should use "MEDIUM" instead of "MODERATE" in CVSS rating

#2189 opened Apr 24, 2023 by sschuberth

Dependency Submission API - Opam Protocol

#1897 opened Mar 31, 2023 by smorimoto

GHSA-hgwp-4vp4-qmm2 has no published or compatible non-vulnerable versions

#1742 opened Mar 2, 2023 by uhthomas

GHSA-mjmj-j48q-9wg2 is triggering for snakeyaml-engine but CVE is for just "snakeyaml"

#1720 opened Feb 23, 2023 by mr-c

julia ecosystem support

#1689 opened Feb 10, 2023 by anandijain

Feature: Provide advisories as CSAF

#1685 opened Feb 9, 2023 by tschmidtb51

Add support for Elixir Ecosystem for dependency graphs since the package manager hex.pm is already used for Erlang

#1661 opened Jan 31, 2023 by SupaMic

improve Dependabot Alert UI; allow markdown comments

#1643 opened Jan 27, 2023 by jtmoon79

Missing information in json files compared to the advisory page

#1580 opened Jan 7, 2023 by Hritik14

[Feature Request] Better transitive security disclosure and alerting

#1565 opened Jan 5, 2023 by msavy

Previous 1 2 Next

Previous Next

ProTip! Updated in the last three days: updated:>2024-02-16.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly