Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / SAP/risk-explorer-for-software-supply-chains issues and pull requests
#123 - Bump rollup from 2.70.2 to 2.79.2
Pull Request -
State: open - Opened by dependabot[bot] 2 months ago
Labels: dependencies
#122 - Bump micromatch and react-native
Pull Request -
State: open - Opened by dependabot[bot] 2 months ago
Labels: dependencies
#121 - Bump body-parser and express
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies
#120 - Bump serve-static and express
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies
#118 - Bump micromatch and react-native
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies
#100 - Update description of AV-301
Pull Request -
State: closed - Opened by henrikplate about 1 year ago
#99 - Revert "Bump react-devtools-core and react-native"
Pull Request -
State: closed - Opened by piergiorgioladisa about 1 year ago
#98 - Bump react-devtools-core and react-native
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies
#97 - Bump @babel/traverse from 7.17.3 to 7.23.2
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies
#96 - Add 2 examples
Pull Request -
State: closed - Opened by henrikplate about 1 year ago
#95 - Description of AV-301 is too much geared towards AV-304
Issue -
State: closed - Opened by henrikplate about 1 year ago
- 3 comments
#94 - Bump word-wrap from 1.2.3 to 1.2.4
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies
#93 - Bump semver from 5.7.1 to 5.7.2
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies
#92 - Bump tough-cookie from 4.0.0 to 4.1.3
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies
#91 - Description of AV-208 is hard to understand
Issue -
State: closed - Opened by copernico over 1 year ago
- 2 comments
#90 - Dozens of popular Minecraft mods found infected with Fracturiser malware
Issue -
State: open - Opened by piergiorgioladisa over 1 year ago
Labels: documentation
#89 - Adding AI package hallucination attack vector
Pull Request -
State: closed - Opened by piergiorgioladisa over 1 year ago
Labels: documentation
#88 - [New Attack Vector] AI Package Hallucination
Issue -
State: closed - Opened by piergiorgioladisa over 1 year ago
- 2 comments
Labels: documentation
#87 - Bump webpack from 5.72.0 to 5.76.1
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies
#86 - [bug] build failed with latest project source code
Issue -
State: closed - Opened by highkay over 1 year ago
- 1 comment
#85 - Bump dns-packet from 5.3.1 to 5.4.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies
#84 - Added malicious Lolip0p packages to references
Pull Request -
State: closed - Opened by serenaponta almost 2 years ago
#83 - Visualbugs linkfeatures
Pull Request -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#82 - Adding new references of attacks/proof-of-concept
Pull Request -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#81 - Add new references (mostly peer reviewed ones)
Pull Request -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#80 - Bump @sideway/formula from 3.0.0 to 3.0.1
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies
#79 - Add reference to AV-702 discussed in issue 75
Pull Request -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#78 - Add reference to AV-100 discussed in issue 69
Pull Request -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#77 - Fixed inconsistencies in references.json file.
Pull Request -
State: closed - Opened by imranur-rahman almost 2 years ago
- 1 comment
#76 - Fixed inconsistencies in references.json.
Pull Request -
State: closed - Opened by imranur-rahman almost 2 years ago
- 3 comments
#75 - RCE vulnerability in Git
Issue -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#74 - PoC from Trend Micro: Abusing a GitHub Codespaces Feature For Malware Delivery
Issue -
State: open - Opened by piergiorgioladisa almost 2 years ago
#73 - Bump json5 from 1.0.1 to 1.0.2
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies
#72 - Malicious VSCode PoC and Evaluation
Issue -
State: closed - Opened by piergiorgioladisa almost 2 years ago
- 1 comment
#71 - Add attack on PyTorch dep chain (AV-509)
Pull Request -
State: closed - Opened by henrikplate almost 2 years ago
- 2 comments
#70 - Attack: PyTorch poisoned after a dependency confusion attack
Issue -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#69 - SE techniques to increase popularity as GitHub maintainer
Issue -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#68 - Add reference discussed in issue 54
Pull Request -
State: closed - Opened by piergiorgioladisa almost 2 years ago
#67 - Added reference to the Great Suspender (AV-800)
Pull Request -
State: closed - Opened by henrikplate almost 2 years ago
#66 - Attack: Another case where ownership has been transferred
Issue -
State: closed - Opened by henrikplate almost 2 years ago
- 2 comments
#65 - Bump decode-uri-component from 0.2.0 to 0.2.2
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies
#64 - Bump loader-utils from 2.0.2 to 2.0.4
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
Labels: dependencies
#63 - Added WASP attack (AV-100), which uses steganography and polymorphism at later stages
Pull Request -
State: closed - Opened by henrikplate about 2 years ago
- 1 comment
#62 - Bump minimatch and recursive-readdir
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
Labels: dependencies
#61 - Bump loader-utils from 2.0.2 to 2.0.3
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies
#60 - Added GitHub RepoJacking vuln
Pull Request -
State: closed - Opened by henrikplate about 2 years ago
- 2 comments
#59 - Added ref for leaked .git folders
Pull Request -
State: closed - Opened by henrikplate about 2 years ago
- 1 comment
#58 - Add ref to [AV-602] Take-over legit account
Issue -
State: closed - Opened by henrikplate about 2 years ago
- 2 comments
#57 - Updated reference to new SCA on php
Pull Request -
State: closed - Opened by abhishekmurthyendor about 2 years ago
- 1 comment
#56 - Adding new reference of supply chain attack on PHP
Pull Request -
State: closed - Opened by abhishekmurthyendor about 2 years ago
- 1 comment
#55 - Adding new reference to SCA on PHP
Pull Request -
State: closed - Opened by abhishekmurthyendor about 2 years ago
- 2 comments
#54 - Add "npm packages used by crypto exchanges compromised"
Issue -
State: closed - Opened by piergiorgioladisa about 2 years ago
- 2 comments
#53 - Safeguard: Binary Transparency
Issue -
State: closed - Opened by kpcyrd about 2 years ago
- 1 comment
#52 - Change ethos node categorization
Pull Request -
State: closed - Opened by piergiorgioladisa about 2 years ago