vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
- [x] Github API
- [x] NVD
- [x] Vulnrichment
- [x] NPM
- [x] Apache HTTPD
- [x] Pysec
- [x] Pypa
- [x] Gitlab

See https://euvd.enisa.europa.eu/

Some notes:
- this is based on CIRL's vulnerability-lookup backend.
- it is not clear what new data it provides
- it does provide new aliases
fix: #506 Implemented polite_request to enforce API rate limits and delays
This PR creates a pull request template to standardize contributions and make the review process more efficient. This template provides a clear structure for contributors to describe their changes, specify...
Fixes: #226
- Add mypy.ini configuration with intentionally relaxed settings
- Create type-requirements.txt for type checker dependencies
- Implement GitHub workflow for multi-version Python type checking
- Disable specific common error codes to...

- Fixes: https://github.com/aboutcode-org/vulnerablecode/issues/1796
- Fixes: https://github.com/aboutcode-org/vulnerablecode/issues/1393
ATM in VCIO a vulnerability is an object created by the culmination of multiple advisories. We will use the NVD importer publish date as default for each vulnerability, in case...
This pull request addresses issue #586 by adding an importer for Apache Log4j advisories 
This would be awesome to have daily sync of https://github.com/aboutcode-data/vulnerablecode-data from the https://public.vulnerablecode.io/ data