Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / aquasecurity/trivy-db issues and pull requests

#401 - chore(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.1.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies, github_actions

#400 - chore(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.15

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies, go

#399 - chore(deps): bump golang.org/x/tools from 0.6.0 to 0.20.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies, go

#398 - feat(go): add vulndb

Pull Request - State: closed - Opened by knqyf263 7 months ago - 4 comments

#397 - feat(openEuler): Add openEuler CVE database

Pull Request - State: open - Opened by wjunLu 7 months ago - 2 comments

#396 - chore(deps): bump github.com/goark/go-cvss from 1.6.6 to 1.6.7

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, go

#394 - Add upcoming Ubuntu 24.04

Pull Request - State: closed - Opened by mayrstefan 8 months ago

#393 - Question: Edit trivy.db

Issue - State: open - Opened by rahilwala 8 months ago

#390 - Amazon Linux 2023 flagged as EOL

Issue - State: closed - Opened by Xeroxxx 8 months ago - 3 comments

#389 - Untag v1 image since it's no longer in use

Issue - State: open - Opened by RichardoC 9 months ago - 2 comments

#388 - chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, go

#387 - chore(deps): bump go.etcd.io/bbolt from 1.3.8 to 1.3.9

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, go

#386 - chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, go

#385 - chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions

#384 - ci: use maximize-build-space

Pull Request - State: closed - Opened by DmitriyLewen 9 months ago

#383 - Publishing Trivy DB is failing

Issue - State: closed - Opened by fawind 9 months ago - 4 comments

#382 - test(mariner): update tests after changing filenames in `vuln-list`

Pull Request - State: closed - Opened by DmitriyLewen 9 months ago - 1 comment

#381 - Fix issue 380

Pull Request - State: closed - Opened by mpoindexter 9 months ago - 5 comments

#378 - chore(deps): bump actions/setup-go from 4 to 5

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, github_actions

#377 - chore(deps): bump github.com/samber/lo from 1.38.1 to 1.39.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#376 - fix(amazon): compare severity in lower case

Pull Request - State: closed - Opened by DmitriyLewen 12 months ago

#375 - maven::GitLab Advisory Database Community is Error

Issue - State: open - Opened by xxoxx 12 months ago

#374 - refactor(nvd): migrate to API 2.0

Pull Request - State: closed - Opened by DmitriyLewen 12 months ago - 6 comments

#373 - chore(deps): bump golang.org/x/text from 0.13.0 to 0.14.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, go

#371 - ghcr.io does not have IPv6-Support

Issue - State: open - Opened by michaelzangl about 1 year ago - 1 comment

#370 - fix rocky: multi-arch support broke backward compatibility

Pull Request - State: closed - Opened by Moniseeta about 1 year ago - 2 comments

#369 - Rocky multi-arch support broke backward compatibility

Issue - State: closed - Opened by Moniseeta about 1 year ago

#368 - chore(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#366 - chore: exclude Maven for GLAD

Pull Request - State: closed - Opened by DmitriyLewen about 1 year ago - 13 comments

#365 - feat(ubuntu): support Ubuntu 23.10

Pull Request - State: closed - Opened by ptodev about 1 year ago - 4 comments

#364 - CVE missing in trivy DB

Issue - State: closed - Opened by tiflor about 1 year ago - 3 comments

#363 - Trivy not reporting CVE-2023-3894 properly

Issue - State: closed - Opened by Mochis about 1 year ago - 1 comment

#362 - chore(deps): bump actions/checkout from 3 to 4

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#361 - chore(deps): bump docker/login-action from 2 to 3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#360 - chore(deps): bump go.uber.org/zap from 1.25.0 to 1.26.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#359 - chore(deps): bump golang.org/x/text from 0.12.0 to 0.13.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#358 - refactor: use types.Ecosystem in bucket.Name()

Pull Request - State: closed - Opened by knqyf263 about 1 year ago

#357 - chore: remove yamllint

Pull Request - State: closed - Opened by DmitriyLewen about 1 year ago

#356 - chore: enable more linters

Pull Request - State: closed - Opened by DmitriyLewen about 1 year ago

#355 - fix(ghsa): return Rust advisories

Pull Request - State: closed - Opened by DmitriyLewen about 1 year ago - 5 comments

#354 - How nvr-to-cpe.json is generated

Issue - State: closed - Opened by wopashugeixianshi about 1 year ago - 4 comments

#353 - GHSA source for rust ignored

Issue - State: closed - Opened by hamiltop about 1 year ago - 1 comment

#352 - fix: OSV affected versions parsing

Pull Request - State: closed - Opened by juan131 about 1 year ago - 24 comments

#351 - chore(deps): bump go.uber.org/zap from 1.24.0 to 1.25.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#350 - chore(deps): bump golang.org/x/text from 0.11.0 to 0.12.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#349 - chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#348 - fix(osv): skip empty CVSS vectors

Pull Request - State: closed - Opened by knqyf263 about 1 year ago

#347 - fix(ci): download tar.gz archive for CocoaPods Specs

Pull Request - State: closed - Opened by DmitriyLewen about 1 year ago

#346 - fix(ci): move `CocoaPods Specs` load into `db-fetch-langs` command

Pull Request - State: closed - Opened by DmitriyLewen about 1 year ago

#345 - feat: use the GHSA repository

Pull Request - State: closed - Opened by knqyf263 about 1 year ago

#344 - feat(swift): add Cocoapods advisories

Pull Request - State: closed - Opened by DmitriyLewen about 1 year ago

#343 - fix: if break condition

Pull Request - State: closed - Opened by testwill about 1 year ago

#342 - Revert "chore: fall back into vuln-list-reserve (#334)"

Pull Request - State: closed - Opened by knqyf263 over 1 year ago

#341 - BugFix|Assigned erratum to custom put input

Pull Request - State: closed - Opened by nikithaguduru over 1 year ago - 1 comment

#340 - Missing/wrong NVSS score for CVE-2023-38408

Issue - State: open - Opened by rbren over 1 year ago - 1 comment

#339 - feat(ghsa): add swift support

Pull Request - State: closed - Opened by DmitriyLewen over 1 year ago

#338 - feat(osv): support `last_affected` field

Pull Request - State: closed - Opened by nikpivkin over 1 year ago

#337 - chore(deps): bump golang.org/x/text from 0.10.0 to 0.11.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#336 - feat(bitnami): add support for Bitnami vulnerability database

Pull Request - State: closed - Opened by juan131 over 1 year ago - 13 comments

#335 - build(nvd): use vuln-list-nvd

Pull Request - State: closed - Opened by DmitriyLewen over 1 year ago

#334 - chore: fall back into vuln-list-reserve

Pull Request - State: closed - Opened by knqyf263 over 1 year ago - 1 comment

#333 - outdated trivy db

Issue - State: closed - Opened by smtan-gl over 1 year ago - 2 comments

#332 - feat: add k8s vulns

Pull Request - State: closed - Opened by chen-keinan over 1 year ago - 22 comments

#331 - feat(oracle): add multi-arch support

Pull Request - State: open - Opened by DmitriyLewen over 1 year ago

#330 - chore: remove go-vulndb security advisories

Pull Request - State: closed - Opened by DmitriyLewen over 1 year ago

#329 - fix(rocky): fix filename for test file

Pull Request - State: closed - Opened by DmitriyLewen over 1 year ago

#328 - feat: add vulnerability status

Pull Request - State: closed - Opened by knqyf263 over 1 year ago - 2 comments

#327 - chore(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#326 - chore(deps): bump golang.org/x/vuln from 0.0.0-20211221130724-9d39a965865f to 0.2.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#325 - chore(deps): bump golang.org/x/text from 0.9.0 to 0.10.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#324 - chore(deps): bump github.com/urfave/cli from 1.22.13 to 1.22.14

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#322 - build(debian): use vuln-list-debian

Pull Request - State: closed - Opened by knqyf263 over 1 year ago

#321 - fix(rocky): add multi-arch support

Pull Request - State: closed - Opened by DmitriyLewen over 1 year ago - 2 comments

#320 - The latest image ` ghcr.io/aquasecurity/trivy-db` is broken

Issue - State: closed - Opened by wawa0210 over 1 year ago - 1 comment

#319 - build(redhat): use vuln-list-redhat

Pull Request - State: closed - Opened by knqyf263 over 1 year ago - 1 comment

#318 - fix(osv): skip withdrawn entries

Pull Request - State: closed - Opened by nikpivkin over 1 year ago

#317 - build: fix go-version-file

Pull Request - State: closed - Opened by knqyf263 over 1 year ago

#316 - chore: bump Go to 1.19

Pull Request - State: closed - Opened by knqyf263 over 1 year ago

#315 - chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#314 - feat: switch glad to ghsa for golang

Pull Request - State: closed - Opened by DmitriyLewen over 1 year ago

#313 - fix(RedHat): compare severity when merging advisories

Pull Request - State: closed - Opened by DmitriyLewen over 1 year ago - 2 comments

#312 - fix(RedHat): compare advisories by severity

Issue - State: closed - Opened by DmitriyLewen over 1 year ago - 1 comment
Labels: bug

#311 - chore(docs): remove `upload` command

Pull Request - State: closed - Opened by chrisnovakovic over 1 year ago - 1 comment

#310 - feat(ubuntu): support Ubuntu 23.04

Pull Request - State: closed - Opened by chrisnovakovic over 1 year ago - 1 comment

#309 - code optimization

Pull Request - State: closed - Opened by testwill over 1 year ago

#308 - is there a Mirror address?

Issue - State: closed - Opened by wang-xiaowu over 1 year ago - 1 comment

#307 - trivy reporting CVE-2023-0687 although OVAL is mark as Not Applicable

Issue - State: closed - Opened by eric-desrochers over 1 year ago - 3 comments

#306 - Fix panics caused by keeping unsafe byte arrays returned by Bolt

Pull Request - State: closed - Opened by tanguylebarzic over 1 year ago - 3 comments

#305 - upgrade to oras 1.0.0 and fix issue with 0 length config

Pull Request - State: closed - Opened by rdjones517 over 1 year ago - 4 comments

#304 - chore(deps): bump golang.org/x/vuln from 0.0.0-20211221130724-9d39a965865f to 0.1.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#303 - chore(deps): bump github.com/urfave/cli from 1.22.12 to 1.22.13

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go