vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
Procedures: - [x] Announce on Gitter/Element, in a specific channel if available, to notify of the org migration process including the scheduled start time and the expected completion time. -...
Currently we store packagerelatedvulnerabilities in one table: either a package fixes a vulnerability or is affected by some vulnerability, and the combination of package and vulnerability is stored in the same table...
The nix workflow is failing with obscure error messages. https://github.com/nexB/vulnerablecode/actions/runs/10367746426/job/28699861669#step:4:22 We should: 1. disable this workflow 2. ask for help from nix gurus
For packages, I would like to enable the sorting of versions using database queries. Why? We have performance issues such as: - https://github.com/nexB/vulnerablecode/issues/1492 - https://github.com/nexB/vulnerablecode/issues/1538 Sorting by version is important...
- [ ] https://github.com/stackrox/dotnet-scraper contains curated .NET CVEs - [ ] https://github.com/stackrox/istio-cves contains curated istio CVEs - [ ] https://github.com/stackrox/k8s-istio-cve-pusher/blob/main/nvd/missing_cves.go contains some curated K8S CVEs - [ ] https://github.com/stackrox/k8s-cves contains...
Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.13.1 to 3.15.2. Release notes Sourced from djangorestframework's releases. Version 3.15.1 What's Changed Update the message to be consistent with the Django `HttpResponseBa… by @maycuatroi in encode/django-rest-framework#9287...
We patch univers in VCIO's models.py:
```
from univers.version_range import RANGE_CLASS_BY_SCHEMES

# patch univers for missing entry
RANGE_CLASS_BY_SCHEMES["alpine"] = AlpineLinuxVersionRange
```
This has a funny smell. This should not be...
See @TURROKS https://github.com/TURROKS/CVE_Prioritizer It combines CVSS, EPSS and KEV. Nice. Something to consider for CRAVEX! FYI: @DennisClark @TG1999 @tdruez