Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / nexB/vulnerablecode issues and pull requests

#1519 - Rename "Fixed by vulnerabilities" column

Pull Request - State: open - Opened by johnmhoran 7 months ago - 1 comment
Labels: ui

#1518 - Add support for reference_type

Pull Request - State: open - Opened by TG1999 7 months ago - 5 comments

#1517 - Revert "Add support for reference_type"

Pull Request - State: closed - Opened by TG1999 7 months ago - 3 comments

#1516 - Incorrect affected package in composer advisories

Issue - State: open - Opened by keshav-space 7 months ago
Labels: data-quality, next

#1515 - Add Apache Camel advisories

Issue - State: open - Opened by pombredanne 7 months ago

#1514 - Fix API

Pull Request - State: open - Opened by TG1999 7 months ago

#1513 - Fix API

Pull Request - State: closed - Opened by TG1999 7 months ago

#1512 - Consider prioritization using CVE_Prioritizer

Issue - State: open - Opened by pombredanne 7 months ago

#1511 - Add https://github.com/wiz-sec/open-cvdb data

Issue - State: open - Opened by pombredanne 7 months ago

#1510 - Add https://github.com/piercing-index/cloud-vulnerabilities scores

Issue - State: open - Opened by pombredanne 7 months ago - 1 comment

#1509 - Use the SCIO Pipeline Mechanism for Importers/Improvers

Issue - State: open - Opened by keshav-space 7 months ago
Labels: core

#1508 - Do not mix unrelated affected and fixed packages

Issue - State: open - Opened by pombredanne 7 months ago
Labels: Priority: high, next

#1505 - Bump zipp from 3.8.0 to 3.19.1

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies

#1504 - Bump djangorestframework from 3.13.1 to 3.15.2

Pull Request - State: open - Opened by dependabot[bot] 7 months ago
Labels: dependencies

#1503 - Bump certifi from 2023.7.22 to 2024.7.4

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago
Labels: dependencies

#1502 - Add support for reference_type

Pull Request - State: closed - Opened by ziadhany 7 months ago - 3 comments

#1501 - Change label from "Fixed by vulnerabilties" to "Fixes vulnerabilities"

Issue - State: open - Opened by TG1999 7 months ago - 8 comments
Labels: next

#1500 - Update VulnTotal Github Datasource

Pull Request - State: closed - Opened by michaelehab 7 months ago - 1 comment

#1498 - Some Reference URLs comprise a pair of near-duplicates

Issue - State: open - Opened by johnmhoran 7 months ago
Labels: ui, data-quality

#1497 - Add Temurin OpenJDK vulnerability data

Issue - State: open - Opened by mjherzog 7 months ago
Labels: Data collection

#1496 - Collect OpenJDK advisories

Issue - State: open - Opened by pombredanne 7 months ago

#1494 - Report vulnerabilities associated with an SBOM/PURL inventory

Issue - State: open - Opened by johnmhoran 7 months ago
Labels: enhancement, Data collection

#1493 - Empty `reference_id` values

Issue - State: open - Opened by tdruez 7 months ago
Labels: bug, API, next

#1492 - API performance issues

Issue - State: open - Opened by tdruez 7 months ago
Labels: bug, Priority: high, API, next

#1491 - Add Almalinux advisories

Pull Request - State: open - Opened by ambuj-1211 8 months ago - 4 comments

#1490 - Add cvssv3 and cvssv3.1 score to the CVE

Pull Request - State: closed - Opened by ambuj-1211 8 months ago - 1 comment

#1489 - Add new Apache CVE data source

Issue - State: open - Opened by pombredanne 8 months ago

#1488 - Bump urllib3 from 1.26.18 to 1.26.19

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies

#1487 - Consider providing a reference_type to categorize various references to a vulnerability

Issue - State: open - Opened by DennisClark 8 months ago - 2 comments
Labels: enhancement, next

#1486 - Add cocoapods vulnerabilities

Issue - State: open - Opened by pombredanne 8 months ago - 1 comment
Labels: Data collection

#1485 - Incorrect/Useless data in VulnerableCode

Issue - State: open - Opened by Hritik14 8 months ago - 1 comment
Labels: data-quality

#1484 - Add support to CVSSv4 & SSVC and import the data using vulnrichment

Pull Request - State: open - Opened by ziadhany 8 months ago - 6 comments

#1483 - Increase display width #1299

Pull Request - State: closed - Opened by johnmhoran 9 months ago - 12 comments

#1482 - Bump requests from 2.31.0 to 2.32.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies

#1481 - Add Support to EPSS

Pull Request - State: open - Opened by ziadhany 9 months ago - 14 comments

#1480 - Incorrect vulnerable range for pkg:npm/%40babel/[email protected]

Issue - State: open - Opened by pombredanne 9 months ago
Labels: data-quality

#1479 - Display vulnerable version range in the UI and report in the API

Issue - State: open - Opened by pombredanne 9 months ago
Labels: enhancement, API, ui

#1478 - Enable killing importer/improver

Issue - State: open - Opened by pombredanne 9 months ago

#1477 - Do not log to stdout minor issues

Issue - State: open - Opened by pombredanne 9 months ago

#1476 - Added safetydb datasource

Pull Request - State: closed - Opened by OmkarPh 9 months ago
Labels: VulnTotal

#1475 - Collect https://github.com/cisagov/vulnrichment

Issue - State: open - Opened by pombredanne 9 months ago

#1474 - CRAVEX: Vulnerability exploitability: Collect EPSS

Issue - State: open - Opened by pombredanne 9 months ago - 1 comment

#1473 - CRAVEX: Vulnerability exploitability: Collect CVSSv4

Issue - State: open - Opened by pombredanne 9 months ago - 1 comment

#1472 - Bump jinja2 from 3.1.3 to 3.1.4

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies

#1471 - Collect data from https://www.zerodayinitiative.com/advisories/

Issue - State: open - Opened by pombredanne 9 months ago
Labels: Data collection

#1470 - Collect misc Stackrock vulnerability data

Issue - State: open - Opened by pombredanne 9 months ago
Labels: Data collection

#1469 - Collect advisory data for argocd

Issue - State: open - Opened by pombredanne 10 months ago
Labels: Data collection

#1468 - Collect data from Yocto

Issue - State: open - Opened by pombredanne 10 months ago - 4 comments
Labels: Data collection

#1467 - Add test to check that all URLs we use are alive

Issue - State: open - Opened by pombredanne 10 months ago - 1 comment

#1466 - Add basic UI template for API

Pull Request - State: closed - Opened by pombredanne 10 months ago - 3 comments

#1465 - Add basic styling to API "UI"

Issue - State: open - Opened by pombredanne 10 months ago

#1464 - Bump gunicorn from 20.1.0 to 22.0.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies

#1463 - Bump sqlparse from 0.4.4 to 0.5.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies

#1462 - Collect Grafana vulnerabilities

Issue - State: open - Opened by pombredanne 10 months ago
Labels: Data collection

#1461 - Expose Advisory data in API

Pull Request - State: closed - Opened by ykodwani01 10 months ago - 4 comments

#1460 - Bump idna from 3.3 to 3.7

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies

#1459 - Expose Advisory details in API

Pull Request - State: closed - Opened by ykodwani01 10 months ago - 5 comments

#1458 - VulnerableCode: Use proper apk package type for Alpine

Issue - State: open - Opened by pombredanne 10 months ago
Labels: data-quality

#1457 - Consider SSVC for vulnerabilities prioritization

Issue - State: open - Opened by pombredanne 10 months ago
Labels: Data collection

#1455 - Collect CVE tagged with exploits from https://github.com/CERTCC/metasploit-framework

Issue - State: open - Opened by pombredanne 10 months ago
Labels: Data collection

#1454 - Collect exploits from metasploit

Issue - State: open - Opened by pombredanne 10 months ago - 1 comment
Labels: Data collection

#1453 - Collect exploits from exploitdb

Issue - State: open - Opened by pombredanne 10 months ago - 1 comment
Labels: Data collection

#1452 - Collect exploits from PACKETSTORM

Issue - State: open - Opened by pombredanne 10 months ago
Labels: Data collection

#1451 - Import 0day "in the wild" data from Google

Issue - State: open - Opened by pombredanne 10 months ago
Labels: Data collection

#1450 - use https.ok from HTTP package

Pull Request - State: closed - Opened by thebigbone 10 months ago - 2 comments

#1449 - Should be able to fetch individual CVEs on demand

Issue - State: open - Opened by AyanSinhaMahapatra 10 months ago
Labels: Data collection

#1448 - Expose advisory Details in API

Pull Request - State: closed - Opened by ykodwani01 10 months ago - 3 comments

#1447 - Handle Gitlab false positive

Issue - State: open - Opened by pombredanne 11 months ago - 2 comments
Labels: data-quality

#1446 - Collect data from SECURITY.md files

Issue - State: open - Opened by pombredanne 11 months ago

#1445 - Update GitHub GraphQL import in vulntotal datasources

Pull Request - State: closed - Opened by poju3185 11 months ago - 2 comments
Labels: VulnTotal

#1444 - Bump black from 22.3.0 to 24.3.0

Pull Request - State: open - Opened by dependabot[bot] 11 months ago
Labels: dependencies

#1443 - AppRegistryNotReady error when setting up vulntotal

Issue - State: closed - Opened by poju3185 11 months ago - 2 comments
Labels: good first issue, difficulty:easy, VulnTotal

#1442 - Fix quoting of purl with qualifiers

Pull Request - State: closed - Opened by TG1999 11 months ago

#1441 - Prepare for release v34.0.0rc4

Pull Request - State: closed - Opened by TG1999 11 months ago

#1440 - Revert "Remove duplicated changelogs"

Pull Request - State: closed - Opened by TG1999 11 months ago

#1439 - Add curl advisories importer

Pull Request - State: open - Opened by ambuj-1211 11 months ago - 17 comments

#1438 - Fixing typo in contributing.rst

Pull Request - State: closed - Opened by poju3185 11 months ago

#1437 - Collect data from Anchore NVD overrides

Issue - State: open - Opened by pombredanne 11 months ago - 2 comments
Labels: Data collection, good first issue, difficulty:easy

#1436 - Expose Advisory Details in API and LifeRay advisory importer

Pull Request - State: closed - Opened by ykodwani01 11 months ago - 1 comment

#1435 - Add list of supported data sources and status/counters on home page

Issue - State: open - Opened by pombredanne 11 months ago - 8 comments

#1434 - Add proprietary, non-public advisory datasources to vulntotal

Issue - State: open - Opened by pombredanne 11 months ago - 1 comment
Labels: VulnTotal

#1433 - Expose advisory details in the API and UI

Issue - State: open - Opened by pombredanne 11 months ago - 3 comments

#1432 - Add wolfi security advisories

Issue - State: open - Opened by pombredanne 11 months ago

#1431 - Improve Improver documentation

Issue - State: open - Opened by mjherzog 11 months ago
Labels: Priority: medium, documentation, importer

#1430 - Add Siemens Healthineers advisories

Issue - State: open - Opened by pombredanne 11 months ago

#1429 - Collect Siemens advisories

Issue - State: open - Opened by pombredanne 11 months ago - 1 comment

#1428 - Fix migration 055

Pull Request - State: closed - Opened by TG1999 11 months ago

#1427 - Ingest Rust data through Github api

Pull Request - State: closed - Opened by shravankshenoy 11 months ago - 1 comment

#1426 - Prepare for release v34.0.0rc3

Pull Request - State: closed - Opened by TG1999 12 months ago

#1425 - Missing vulnerable range

Issue - State: open - Opened by pombredanne 12 months ago
Labels: bug, data-quality

#1424 - Bump cryptography from 42.0.0 to 42.0.4

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies

#1423 - Add URL to the vulnerability and package details view in the API serializers

Pull Request - State: closed - Opened by TG1999 12 months ago - 2 comments

#1422 - Add a basic model for Known Exploited Vulnerabilities

Pull Request - State: closed - Opened by ziadhany 12 months ago - 1 comment

#1421 - Bump cryptography from 42.0.0 to 42.0.2

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies

#1420 - Store previous non-vulnerable version

Issue - State: open - Opened by TG1999 12 months ago