vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
- [x] postgresql - [x] elixir security - [ ] Xen - [x] Ruby - [ ] Gentoo - [ ] Curl - [ ] Apache Kafka - [ ]...
Starting with #1871, we run pipelines in a task queue and the logs from these pipeline runs are publicly accessible. We should review all pipelines and importers to make sure we are...
As a part of the ongoing GSoC 2025 project titled "On-demand live evaluation of packages and Integration with VulnTotal". It should modify the Ruby importer to support the package-first mode....
As a part of the ongoing GSoC 2025 project titled "On-demand live evaluation of packages and Integration with VulnTotal". It should modify the Rust importer to support the package-first mode....
Drop GSD
We should get rid of GSD - https://github.com/cloudsecurityalliance/gsd-database is now archived - gsd.id is now a dead link - https://github.com/cloudsecurityalliance/gsd-tools/ is also archived
As a part of the ongoing GSoC 2025 project titled "On-demand live evaluation of packages and Integration with VulnTotal". It should modify the GitHub importer to support the package-first mode....
I found this through @copernico fork. @sofiaoreis :heart: maintains: - a website https://security-commits.org/ - a data set of fix patches https://github.com/security-commits/security-patches-dataset - tools at https://github.com/security-commits/secomlint - a mini spec/convention to...
- Resolves https://github.com/aboutcode-org/vulnerablecode/issues/1699 PR is blocked by: - [x] https://github.com/aboutcode-org/vulnerablecode/issues/1583 - [x] https://github.com/aboutcode-org/vulnerablecode/issues/1777 also at minimum, we need to get rid of aliases JSON field in the advisory and instead...
Devise a way to merge duplicate/quasi-duplicate advisories to declutter