-
-
See the following:
And as we can see in deps.dev the two GHSA are similar to the PYSEC advisories:
If the OSV has this info (it has aliases) we should de-dup.
-
When the credit in a report is attributed to a username, we should change make the `@username` a link to the correct page. For example, https://github.com/golang/vulndb/blob/1179110444905751f6788f14cb…
-
# Suggested CLI for vulndb tool
(moved from the original repo)
## Generic Options
--help = help for the current sub command
-v, -vv = verbose output, if any is provided - print output as logs.…
-
Add support for collectionUrl and packageName in cmd/cvetriage. This is introduced in CVE schema v5.0.
https://github.com/CVEProject/cve-schema/commit/3208d6d88de9132a559afad976d151275104da5e
ht…
-
Hello,
Thanks for putting the project together, I tried a poetry install on mac and psycopg2 failed to install, and as a result (?) none of the `vulndb admin` commands work properly. Moreover the …
-
Suppose a vulnerable symbol `module/internal.v` is reachable in a user program and that there is a derived symbol "module/internal.V" in the vulnerability report. A call stack produced by govulncheck …
-
https://build.golang.org/log/be5dbd3c54de7c236cf6114f0894ccfc71961aa4
Possibly related to #58301.
-
For example, https://github.com/CVEProject/cvelist/blob/master/2020/7xxx/CVE-2020-7668.json lists the module path in its product data. It is not listed in the references section.
Also if there is a…
-
In https://go.dev/cl/415800, we list the [`handleMessage`](https://github.com/ethereum/go-ethereum/blob/v1.10.8/eth/protocols/snap/handler.go#L133) symbol.
`handleMessage` is called by `handle`, an…
neild updated
9 months ago