Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / Vulnogram/Vulnogram issues and pull requests
#230 - Bump express-rate-limit from 5.5.1 to 7.3.1
Pull Request -
State: open - Opened by dependabot[bot] 23 days ago
Labels: Mend: dependency security vulnerability
#229 - Bump express-rate-limit from 5.5.1 to 7.3.0
Pull Request -
State: closed - Opened by dependabot[bot] 30 days ago
- 1 comment
Labels: Mend: dependency security vulnerability
#228 - Bump mongoose from 6.12.9 to 8.4.1
Pull Request -
State: open - Opened by dependabot[bot] 30 days ago
Labels: Mend: dependency security vulnerability
#227 - Bump mongodb from 3.7.4 to 6.7.0
Pull Request -
State: open - Opened by dependabot[bot] 30 days ago
Labels: Mend: dependency security vulnerability
#226 - 'Public at' mandatory, but not marked as such
Issue -
State: open - Opened by MrSeccubus about 1 month ago
#225 - Bump express-validator from 6.15.0 to 7.1.0
Pull Request -
State: open - Opened by dependabot[bot] about 1 month ago
Labels: Mend: dependency security vulnerability
#224 - Bump mongodb from 3.7.4 to 6.6.2
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 1 comment
Labels: Mend: dependency security vulnerability
#223 - Bump mongoose from 6.12.8 to 8.4.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 1 comment
Labels: Mend: dependency security vulnerability
#222 - Updates for cveReservation by Year
Pull Request -
State: open - Opened by sei-vsarvepalli about 2 months ago
#221 - CVE Reservation - allow for years older than last year
Issue -
State: open - Opened by sei-vsarvepalli about 2 months ago
#220 - 0.2.0
Pull Request -
State: open - Opened by chandanbn about 2 months ago
#219 - Bump mongoose from 6.12.8 to 8.3.4
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#218 - Bump mongodb from 3.7.4 to 6.6.1
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#217 - Vulnogram Generated Link to CAPECs Ends in 404 Error
Issue -
State: closed - Opened by rsneff about 2 months ago
- 1 comment
#216 - Bump mongoose from 6.12.8 to 8.3.3
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#215 - Bump mongodb from 3.7.4 to 6.6.0
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#214 - All CWEs not present in Problem Types
Issue -
State: closed - Opened by codonell 2 months ago
- 2 comments
#213 - Bump mongoose from 6.12.8 to 8.3.2
Pull Request -
State: closed - Opened by dependabot[bot] 2 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#212 - Update second Post to CVE.org button label based on portal
Pull Request -
State: closed - Opened by scotluns 3 months ago
#211 - Bump mongoose from 6.12.8 to 8.3.1
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#210 - support CPE (feature request)
Issue -
State: open - Opened by zmanion 3 months ago
#209 - Embed ajv library in UI client
Pull Request -
State: closed - Opened by scotluns 3 months ago
#208 - Improving README.md documentation for deploying browser mode
Pull Request -
State: closed - Opened by scotluns 3 months ago
#207 - Bump mongoose from 6.12.7 to 8.3.0
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#206 - #134 User can now properly switch portals after logout
Pull Request -
State: closed - Opened by scotluns 3 months ago
#205 - #164 Update CAPEC impacts to latest version
Pull Request -
State: closed - Opened by scotluns 3 months ago
#204 - Bump mongoose from 6.12.7 to 8.2.4
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#203 - Bump mongoose from 6.12.7 to 8.2.3
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#202 - Fix typo in cve5/script.js
Pull Request -
State: closed - Opened by Miskerest 3 months ago
#201 - Create new users with proper permissions
Pull Request -
State: closed - Opened by scotluns 4 months ago
#200 - Test portal record successfully created link goes to production CVE page
Issue -
State: closed - Opened by ccoffin 4 months ago
- 2 comments
#199 - Post to CVE.org button at bottom of Test Portal Editor tab
Issue -
State: closed - Opened by ccoffin 4 months ago
- 1 comment
#198 - Bump mongoose from 6.12.7 to 8.2.2
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#197 - Bump mongodb from 3.7.4 to 6.5.0
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#196 - Bump mongoose from 6.12.7 to 8.2.1
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#195 - Support Rejected -> Published
Issue -
State: open - Opened by zmanion 4 months ago
- 3 comments
#194 - Bump mongodb from 3.7.4 to 6.4.0
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#193 - Bump express-rate-limit from 5.5.1 to 7.2.0
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#192 - Embed an AJV validator for latest CNA container sub-schema validation prior to submission
Issue -
State: open - Opened by chandanbn 4 months ago
Labels: enhancement
#191 - CVE-2022-25883 (High) detected in multiple libraries
Issue -
State: open - Opened by mend-bolt-for-github[bot] 4 months ago
Labels: Mend: dependency security vulnerability
#190 - CVE-2023-42282 (Critical) detected in ip-1.1.8.tgz, ip-2.0.0.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 4 months ago
Labels: Mend: dependency security vulnerability
#189 - CVE-2023-26159 (Medium) detected in follow-redirects-1.15.2.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 4 months ago
Labels: Mend: dependency security vulnerability
#188 - CVE-2023-26115 (High) detected in word-wrap-1.2.3.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 4 months ago
Labels: Mend: dependency security vulnerability
#187 - CVE-Portal: Prevent CNA admins from locking themselves
Issue -
State: open - Opened by chandanbn 4 months ago
Labels: UX
#186 - Update Preview tab to show the preview as on https://www.cve.org/CVERecord
Issue -
State: open - Opened by chandanbn 4 months ago
- 1 comment
Labels: High Priority, UX
#185 - Timeout for the CVE Portal Login doesn't always work.
Issue -
State: open - Opened by chandanbn 4 months ago
Labels: bug, UX
#184 - Bump mongoose from 6.12.6 to 8.2.0
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#183 - Bump mongoose from 6.12.6 to 8.1.3
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#182 - Bump mongoose from 6.12.6 to 8.1.2
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#181 - Bump mongoose from 6.12.6 to 8.1.1
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#180 - Add an option for last year reservations
Pull Request -
State: closed - Opened by todb 5 months ago
#179 - Ability to reserve CVE for the prior year
Issue -
State: closed - Opened by todb 5 months ago
- 2 comments
#178 - Bump mongoose from 6.12.5 to 8.1.0
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#177 - Bump mongoose from 6.12.5 to 8.0.4
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#176 - Bump mongodb from 3.7.4 to 6.3.0
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#175 - Bump linkifyjs from 2.1.9 to 4.1.3
Pull Request -
State: open - Opened by dependabot[bot] 6 months ago
Labels: Mend: dependency security vulnerability
#174 - Bump passport from 0.6.0 to 0.7.0
Pull Request -
State: closed - Opened by dependabot[bot] 6 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#173 - CVE-2023-3696 (Critical) detected in mongoose-6.10.0.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 6 months ago
Labels: Mend: dependency security vulnerability
#172 - CVE-2023-32314 (Critical) detected in vm2-3.9.14.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 6 months ago
Labels: Mend: dependency security vulnerability
#171 - CVE-2023-45857 (Medium) detected in axios-0.21.4.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 6 months ago
Labels: Mend: dependency security vulnerability
#170 - CVE-2023-32313 (Medium) detected in vm2-3.9.14.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 6 months ago
Labels: Mend: dependency security vulnerability
#169 - CVE-2023-37903 (Critical) detected in vm2-3.9.14.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 6 months ago
Labels: Mend: dependency security vulnerability
#168 - CVE-2023-37466 (Critical) detected in vm2-3.9.14.tgz
Issue -
State: open - Opened by mend-bolt-for-github[bot] 6 months ago
Labels: Mend: dependency security vulnerability
#167 - Bump mongoose from 6.12.3 to 8.0.3 - autoclosed
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#166 - Bump express-rate-limit from 5.5.1 to 7.1.5 - autoclosed
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#165 - Bump mongoose from 6.12.3 to 8.0.2
Pull Request -
State: closed - Opened by dependabot[bot] 7 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#164 - List of CAPEC impacts may be outdated
Issue -
State: closed - Opened by openmorse 7 months ago
- 1 comment
Labels: help wanted
#163 - Improve clarity of "Public At" input field to prevent accidental publishing d/t "scheduling" assumption
Issue -
State: closed - Opened by openmorse 7 months ago
- 1 comment
#162 - Adding new user creates an admin user, even if admin option is de-selected
Issue -
State: open - Opened by openmorse 7 months ago
Labels: security fix, High Priority
#161 - update SSVC experimental support for cve-schema 5.1.0
Pull Request -
State: closed - Opened by zmanion 7 months ago
#160 - Bump mongoose from 6.12.3 to 8.0.1
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#159 - Bump express-rate-limit from 5.5.1 to 7.1.4
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#158 - Bump mongoose from 6.12.2 to 8.0.0
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#157 - Bump express-rate-limit from 5.5.1 to 7.1.3
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#156 - SSVC: Define term "Value Density" (and others)
Issue -
State: open - Opened by todb 8 months ago
- 1 comment
#155 - Bump mongoose from 6.12.1 to 7.6.3
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#154 - CVE Description auto-generate does not work after Download plus Open
Issue -
State: open - Opened by paulwouters 9 months ago
#153 - Bump express-rate-limit from 5.5.1 to 7.1.1
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#152 - Bump mongoose from 6.12.1 to 7.6.2
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#151 - Bump mongoose from 6.12.0 to 7.6.0
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: Mend: dependency security vulnerability
#150 - Bump csso-cli from 3.0.0 to 4.0.2 - autoclosed
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#149 - Bump express-validator from 6.15.0 to 7.0.1 - autoclosed
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#148 - Bump busboy from 0.3.1 to 1.6.0 - autoclosed
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#147 - Bump node-fetch from 2.7.0 to 3.3.2
Pull Request -
State: closed - Opened by chandanbn 9 months ago
- 1 comment
#146 - Bump mongodb from 3.7.4 to 6.1.0
Pull Request -
State: closed - Opened by chandanbn 9 months ago
#145 - Bump mongoose from 6.12.0 to 7.5.4
Pull Request -
State: closed - Opened by chandanbn 9 months ago
#144 - Bump linkifyjs from 2.1.9 to 4.1.1
Pull Request -
State: closed - Opened by chandanbn 9 months ago
#143 - Bump express-rate-limit from 5.5.1 to 7.1.0
Pull Request -
State: closed - Opened by chandanbn 9 months ago
#142 - Bump mongodb from 3.7.4 to 6.1.0
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#141 - Bump node-fetch from 2.7.0 to 3.3.2
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#140 - Bump express-rate-limit from 5.5.1 to 7.1.0
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#139 - Bump linkifyjs from 2.1.9 to 4.1.1
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#138 - Bump mongoose from 6.12.0 to 7.5.4
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 2 comments
Labels: Mend: dependency security vulnerability
#137 - Prevent posts with placeholders like [PROBLEMTYPE]
Pull Request -
State: closed - Opened by ElectricNroff 9 months ago
- 1 comment
#136 - Update cwe-frequent.json for CWE-122
Pull Request -
State: closed - Opened by todb 10 months ago
#135 - add cveawg-adp-test to Portal choices
Pull Request -
State: closed - Opened by ElectricNroff 10 months ago
#134 - Switching between test and production portals results in auth failure and misleading portal name
Issue -
State: open - Opened by ViperGeek 10 months ago
Labels: help wanted
#133 - Add GUI support for >1 "descriptions"
Issue -
State: closed - Opened by ViperGeek 10 months ago
- 1 comment
#132 - Convert some HTML entities to plain text
Pull Request -
State: closed - Opened by raboof 11 months ago
- 2 comments
#131 - Importing invalid JSON can lead to silent corrections or miscorrections.
Issue -
State: open - Opened by chandanbn 11 months ago