AppThreat/vulnerability-db issues and pull requests

#198 - Workaround npm bug with inconsistent severity and score

Pull Request - State: closed - Opened by prabhu 19 days ago
Labels: sponsored

#197 - Support for cvss v4 in osv

Pull Request - State: closed - Opened by prabhu 19 days ago
Labels: sponsored

#196 - Upgrade to cve 5.1 schema

Pull Request - State: closed - Opened by prabhu 19 days ago - 7 comments
Labels: sponsored

#195 - Support for creating app-only db by ignoring multiple OS sources

Pull Request - State: closed - Opened by prabhu about 1 month ago
Labels: enhancement, sponsored

#194 - [docs] Document all environment variables

Issue - State: open - Opened by prabhu about 1 month ago
Labels: documentation, good first issue, help wanted

#193 - Adds environment variable to exclude osv malware feeds

Pull Request - State: closed - Opened by prabhu about 1 month ago

#192 - Adds environment variable to exclude osv malware feeds

Pull Request - State: closed - Opened by prabhu about 1 month ago
Labels: enhancement, sponsored

#191 - [perf] vdb 5.7.x has increased the db size compared to 5.6.8

Issue - State: closed - Opened by prabhu about 1 month ago

#190 - Python 3.13 tests

Pull Request - State: closed - Opened by prabhu about 2 months ago - 1 comment

#189 - [cvss 4] Retain cvss 4 values from ghsa and other sources

Issue - State: closed - Opened by prabhu 3 months ago - 1 comment

#188 - Another disputed string for CVE-2023-39017

Pull Request - State: closed - Opened by prabhu 3 months ago

#187 - Another disputed string for CVE-2023-39017

Pull Request - State: closed - Opened by prabhu 3 months ago
Labels: sponsored

#186 - sanity tests for vdb publish

Issue - State: open - Opened by prabhu 4 months ago
Labels: sponsor this

#185 - Bugfixes for search module queries and logic.

Pull Request - State: closed - Opened by cerrussell 4 months ago

#184 - Advisory types missed in the search_by_any function

Issue - State: closed - Opened by cerrussell 4 months ago

#183 - search_by_cve and filter hits bug

Issue - State: closed - Opened by cerrussell 4 months ago
Labels: bug

#182 - Prebuilt dbs not extracting correctly

Issue - State: open - Opened by cerrussell 4 months ago
Labels: bug

#181 - Support for ignoring based on type

Issue - State: open - Opened by prabhu 5 months ago

#180 - Adds argument to print vdb metadata

Pull Request - State: closed - Opened by prabhu 5 months ago - 1 comment

#179 - Rich vdb file metadata

Pull Request - State: closed - Opened by prabhu 5 months ago

#178 - Enhance metadata to detect app-only and filtered database

Issue - State: closed - Opened by prabhu 5 months ago

#177 - Extract affected symbols for nvd

Pull Request - State: closed - Opened by prabhu 5 months ago

#176 - Support for ignoring specific distro feeds

Pull Request - State: closed - Opened by prabhu 5 months ago

#175 - Support for Oracle Linux

Issue - State: open - Opened by prabhu 5 months ago
Labels: sponsor this

#174 - SLES feeds are no longer included

Issue - State: closed - Opened by prabhu 5 months ago

#173 - app only image

Pull Request - State: closed - Opened by prabhu 5 months ago

#172 - Ignore suse/suse cvrf. Other performance improvements.

Pull Request - State: closed - Opened by prabhu 5 months ago

#171 - Ignore suse/suse cvrf. Other performance improvements.

Pull Request - State: closed - Opened by prabhu 5 months ago

#170 - Aqua source has gotten slow

Issue - State: closed - Opened by prabhu 5 months ago

#169 - Application vulnerabilities only database

Issue - State: closed - Opened by prabhu 5 months ago

#168 - Fixes 167

Pull Request - State: closed - Opened by prabhu 5 months ago

#167 - Ignore github.blog domain

Issue - State: closed - Opened by prabhu 5 months ago - 2 comments

#166 - purl_prefix should not include @ character

Issue - State: closed - Opened by prabhu 5 months ago

#165 - Support redhat package fix state and versionless packages

Pull Request - State: closed - Opened by prabhu 5 months ago
Labels: sponsored

#164 - [v6] redhat parsing is error prone

Issue - State: closed - Opened by prabhu 5 months ago - 1 comment
Labels: needs-backport

#163 - Ignore withdrawn cve

Pull Request - State: closed - Opened by prabhu 5 months ago

#162 - Ignore withdrawn cve

Pull Request - State: closed - Opened by prabhu 5 months ago

#161 - Single version in ghsa was creating false positives

Pull Request - State: closed - Opened by prabhu 5 months ago

#160 - Single version in ghsa was creating false positives

Pull Request - State: closed - Opened by prabhu 5 months ago

#159 - Added api methods to determine db creation time and update needs

Pull Request - State: closed - Opened by prabhu 5 months ago - 1 comment

#158 - Generate sbom with research profile

Pull Request - State: closed - Opened by prabhu 5 months ago

#157 - Support for auto updating the database

Issue - State: closed - Opened by prabhu 5 months ago

#156 - Generate sbom

Pull Request - State: closed - Opened by prabhu 5 months ago - 1 comment
Labels: sponsored

#155 - Improve quality of cpe, purl_prefix and vers

Pull Request - State: closed - Opened by prabhu 5 months ago
Labels: Ready for QA, sponsored

#154 - Generate sbom and include in the workflow and releases

Issue - State: closed - Opened by prabhu 5 months ago

#153 - purl prefix data quality issues

Issue - State: closed - Opened by prabhu 5 months ago - 6 comments
Labels: sponsored

#152 - Improve purl prefix for signal

Issue - State: closed - Opened by prabhu 5 months ago - 2 comments

#151 - Triage results for opencv

Issue - State: open - Opened by prabhu 5 months ago - 1 comment

#150 - [testing] cli based matrix tests

Issue - State: open - Opened by prabhu 5 months ago
Labels: good first issue, help wanted

#149 - f-string cannot include backslash error

Pull Request - State: closed - Opened by prabhu 5 months ago

#148 - Capture affected modules and functions

Pull Request - State: closed - Opened by prabhu 6 months ago - 2 comments

#147 - Feature/metrics

Pull Request - State: closed - Opened by timmyteo 6 months ago

#146 - Backport: Override score for MAL

Pull Request - State: closed - Opened by prabhu 6 months ago

#145 - Backported #140, #141

Pull Request - State: closed - Opened by prabhu 6 months ago

#144 - Fixes #142, #143

Pull Request - State: closed - Opened by prabhu 6 months ago

#143 - [v6] purl prefix improvements

Issue - State: closed - Opened by prabhu 6 months ago

#142 - [v6] vers improvements for commit hash

Issue - State: closed - Opened by prabhu 6 months ago

#141 - Relax semver parse to handle more version schemes

Pull Request - State: closed - Opened by prabhu 6 months ago

#140 - OSV data with a single version was getting missed. Affects malware ty…

Pull Request - State: closed - Opened by prabhu 6 months ago

#139 - BREAKING: Store large descriptions in supporting media

Pull Request - State: closed - Opened by prabhu 6 months ago
Labels: breaking

#138 - [v6.1] CVE schema 5.1 support

Issue - State: closed - Opened by prabhu 6 months ago - 1 comment
Labels: breaking

#137 - 10 year database for v6

Pull Request - State: closed - Opened by prabhu 6 months ago

#136 - Fix version was missing for certain packages for osv

Pull Request - State: closed - Opened by prabhu 6 months ago - 1 comment
Labels: sponsored

#135 - Integrate cisa vulnrichment

Issue - State: open - Opened by prabhu 7 months ago
Labels: sponsor this

#135 - Integrate cisa vulnrichment

Issue - State: open - Opened by prabhu 7 months ago

#134 - purl to cpe generalizer

Issue - State: open - Opened by prabhu 7 months ago

#134 - purl to cpe generalizer

Issue - State: open - Opened by prabhu 7 months ago

#133 - Simplified vers compare to reduce false positives with single vers range

Pull Request - State: closed - Opened by prabhu 7 months ago

#132 - Simplify `vers` ranges

Issue - State: open - Opened by nscuro 8 months ago - 8 comments

#131 - Feature/oras

Pull Request - State: closed - Opened by prabhu 8 months ago

#130 - Track alpine unfixed

Pull Request - State: closed - Opened by prabhu 8 months ago

#129 - Alpine version compare false positives

Pull Request - State: closed - Opened by prabhu 8 months ago

#128 - Alpine version compare false positives

Pull Request - State: closed - Opened by prabhu 8 months ago

#127 - [v6] Support for alpine unfixed list

Issue - State: closed - Opened by prabhu 8 months ago

#126 - [debian] false positive check is missing vulnerabilities

Issue - State: closed - Opened by prabhu 8 months ago

#125 - [vdb] offer .gz version

Issue - State: closed - Opened by prabhu 8 months ago - 1 comment

#124 - Additional tests

Pull Request - State: closed - Opened by timmyteo 8 months ago

#123 - Improved version comparison for pyyaml like strange version schemes. …

Pull Request - State: closed - Opened by prabhu 8 months ago

#122 - Feature/issue 110

Pull Request - State: closed - Opened by timmyteo 8 months ago - 1 comment

#121 - Replicate false positive

Pull Request - State: closed - Opened by prabhu 8 months ago

#120 - Tweaks

Pull Request - State: closed - Opened by prabhu 8 months ago

#119 - Feature/issue 110

Pull Request - State: closed - Opened by timmyteo 8 months ago - 3 comments

#116 - Search by sbom

Pull Request - State: closed - Opened by prabhu 8 months ago

#115 - [v6] Add orasclient example to download precompiled vdb

Issue - State: closed - Opened by prabhu 8 months ago - 1 comment

#114 - [v6] create examples to showcase vd6 in go, dotnet etc

Issue - State: open - Opened by prabhu 8 months ago
Labels: good first issue

#113 - Refactored and moved url to purl conversion to utils

Pull Request - State: closed - Opened by prabhu 8 months ago

#112 - [v6] Improve pkg:generic purl prefixes

Issue - State: closed - Opened by prabhu 8 months ago

#111 - [v6] document the logic to convert from purl or https url to purl_prefix

Issue - State: closed - Opened by prabhu 8 months ago
Labels: documentation, enhancement, good first issue

#110 - [v6] Improve test coverage

Issue - State: closed - Opened by prabhu 8 months ago
Labels: good first issue, help wanted

#109 - Improve git url detection for generic purls

Pull Request - State: closed - Opened by prabhu 8 months ago

#108 - Improve purl prefix for os packages

Pull Request - State: closed - Opened by prabhu 8 months ago

#107 - sqlite backend

Pull Request - State: closed - Opened by prabhu 9 months ago - 5 comments
Labels: enhancement, Ready for QA

#106 - [v7] Remove the use of CVE 4.0 template

Issue - State: open - Opened by prabhu 9 months ago

#105 - [v6] Test OSV data to vers conversion

Issue - State: closed - Opened by prabhu 9 months ago - 8 comments
Labels: help wanted

#104 - [v6] investigate sqlite3 db

Issue - State: closed - Opened by prabhu 9 months ago - 5 comments

#103 - nvd api fixed version

Pull Request - State: closed - Opened by prabhu 9 months ago

#102 - [v6] Support for malware feeds

Issue - State: closed - Opened by prabhu 9 months ago - 1 comment
Labels: enhancement, sponsor this

#101 - Handle pysec data with ghsa

Pull Request - State: closed - Opened by prabhu 9 months ago

#100 - Handle pysec data with ghsa

Pull Request - State: closed - Opened by prabhu 9 months ago

#99 - PYSEC feeds lacks severity and score

Issue - State: closed - Opened by prabhu 9 months ago - 1 comment

GitHub / AppThreat/vulnerability-db issues and pull requests