-
Problem statement:
OSS users using OSV for vulnerability management have no standardized way to categorize vulnerabilities that they are currently or have historically been impacted by.
Research…
-
**Is your feature request related to a problem? Please describe.**
Currently, osv.dev doesn't have much information about container image vulnerabilities.
At the same time Artifacthub.io runs triv…
-
## Bug Report
### Version
`master` right now https://github.com/tokio-rs/tracing/commit/91ca0e03d80e26919da44124cc1435ad9e1c6903
```
> rustup run stable cargo tree | grep tracing
tracing v0…
```
-
I'm working on a [vulnerability detection benchmark](https://github.com/timothee-chauvin/eyeballvul) using OSV as the main data source. Having as many CWE root causes as possible would be useful for t…
-
**Is your feature request related to a problem? Please describe.**
I'm looking to reduce the number of false positives from SCA vulnerabilities by performing function-level reachability analysis. How…
-
**Describe the bug**
Multiple ranges on the same branch are not handled for GIT type.
I created a toy example based on the "multiple range example": https://ossf.github.io/osv-schema/#multiple-…
-
Would be nice to have type hints added to the library.
mypy currently complains due to `univers: module is installed, but missing library stubs or py.typed marker`
https://peps.python.org/pep-048…
-
When I scan using an spdx sbom, I see:
```
osv-scanner scan --sbom=SBOM-report-testproject-habi-20240410_0131-clean-licenses.spdx.json --verbosity verbose
Scanned /home/paul/SBOM-report-testproje…
```
-
I'm trying to clean up a bit here because it's quite messy... We have the following terms (hits).
Vulkaner (97)
Vulkanisme (118)
--> the two terms are not used for different subjects, I thin…
-
**Is your feature request related to a problem? Please describe.**
Indexer misses repositories publishing new C/C++ advisories that previously didn't exist in OSV.dev.
**Describe the solution you'd …