github / advisory-database Public

Notifications
Fork 282
Star 1.5k

Code
Issues 40
Pull requests 18
Discussions
Actions
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Security
Insights

Issues: github/advisory-database

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

40 Open 111 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

Removal of advisory for internal package (GHSA-8m6q-xfx2-69c2)

#3139 opened Dec 22, 2023 by cian-personio

GHSA-rjhf-4mh8-9xjq is a duplicate of GHSA-3mv5-343c-w2qg

#3085 opened Dec 19, 2023 by lukas-braune

Unable to improve advisory database for C / C++ packages

#2963 opened Nov 21, 2023 by mswilson

Does the advisory database cover other maven repositories?

#2900 opened Oct 31, 2023 by joshbressers

Need CVE auto-linking disambiguation to CVEs that belong to more than 1 project

#2869 opened Oct 19, 2023 by joakime

Extend GitHub's CNA scope

#2718 opened Sep 10, 2023 by Marcono1234

CONTRIBUTING.md references OSV schema while the actual repo/PR builds reject valid JSON

#2644 opened Aug 21, 2023 by daniel-beck

Support for zig packages in build.zig.zon

#2610 opened Aug 9, 2023 by figsoda

Why not every CVE collected in GHSA?

#2451 opened Jun 25, 2023 by JustinB1eber

Package vs module for go advisories

#2224 opened May 5, 2023 by ArthurBrillant

Should use "MEDIUM" instead of "MODERATE" in CVSS rating

#2189 opened Apr 24, 2023 by sschuberth

Dependency Submission API - Opam Protocol

#1897 opened Mar 31, 2023 by smorimoto

GHSA-hgwp-4vp4-qmm2 has no published or compatible non-vulnerable versions

#1742 opened Mar 2, 2023 by uhthomas

GHSA-mjmj-j48q-9wg2 is triggering for snakeyaml-engine but CVE is for just "snakeyaml"

#1720 opened Feb 23, 2023 by mr-c

julia ecosystem support

#1689 opened Feb 10, 2023 by anandijain

Feature: Provide advisories as CSAF

#1685 opened Feb 9, 2023 by tschmidtb51

Add support for Elixir Ecosystem for dependency graphs since the package manager hex.pm is already used for Erlang

#1661 opened Jan 31, 2023 by SupaMic

improve Dependabot Alert UI; allow markdown comments

#1643 opened Jan 27, 2023 by jtmoon79

Missing information in json files compared to the advisory page

#1580 opened Jan 7, 2023 by Hritik14

[Feature Request] Better transitive security disclosure and alerting

#1565 opened Jan 5, 2023 by msavy

[Feature Request] Allow official CVEs to be shown on Security Advisory page

#1564 opened Jan 5, 2023 by msavy

Advisories should not reference themselves

#1136 opened Dec 7, 2022 by Marcono1234

Espressif ESP-IDF framework dependency

#1073 opened Dec 5, 2022 by peergum

add support for the vcpkg ecosystem

#1029 opened Dec 3, 2022 by rursprung

Support for Terraform

#998 opened Dec 2, 2022 by jacobball11

Previous 1 2 Next

Previous Next

ProTip! no:milestone will show everything without a milestone.