vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
This is related to https://github.com/nexB/vulnerablecode/issues/1228 and https://github.com/nexB/vulnerablecode/issues/1252. I noticed yesterday while working on https://github.com/nexB/vulnerablecode/issues/1228 that my tests using `univers` (https://github.com/nexB/univers) to compare affected and fixed by versions threw a `univers.versions.InvalidVersion:...
issue: - #1723
Bumps [django](https://github.com/django/django) from 4.2.25 to 4.2.26. Commits 0dfd59e [4.2.x] Bumped version for 4.2.26 release. 279f8b9 [4.2.x] Refs CVE-2025-64459 -- Avoided propagating invalid arguments to Q on ... 59ae82e [4.2.x] Fixed...
Fixes #1410 Hey, this PR adds a new importer for Liferay security advisories. It crawls the Liferay security page to fetch CVEs, severity scores, and affected versions. I've also added...
- First, announce that we are deprecating https://public.vulnerablecode.io/api/ and ask users to migrate to https://public.vulnerablecode.io/api/v2/ - Migrate all of our importers from V1 (aka vulnerability pipelines) to V2 pipelines (aka...
To get this data, there are existing basic sources that we have already integrated. We should find more exploits in GitHub repos, and extract more data from existing sources.
These are commonly published for important vulns. This can include YARA rules, rules for IDS like Suricata, ClamAV entries, OpenVAS and Nessus rules and related, like with MISP.
This could include rewriting the documentation of VulnerableCode (see https://vulnerablecode.readthedocs.org/) according to the Diátaxis framework to make the AboutCode docs better.
There is some UI design needed to make this efficient. We could also display various advisory data sources side by side to help correct the data, and also we should...