-
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
-
Thanks for this amazing project, we make heavy use of the clients library in [Hyades](https://github.com/DependencyTrack/hyades)!
Beside the NVD and GitHub Advisories, we also mirror the OSV databa…
-
Related to https://github.com/google/osv.dev/issues/2335, osv-scanner should not immediately fail if there are unknown values in the response, but print an error log and attempt to continue with the d…
-
**Is your feature request related to a problem? Please describe.**
There is no search box present on the front page of `osv.dev`. In order to search `osv.dev`, you have to click on "Search Vulnerabil…
-
NX-OSv crashes if 52+ adapters are configured, see https://gns3.com/community/discussion/gns3-adaptor-limits
-
### What happened?
Last release still has the CVE-2024-24790 with critical vulnerability.
CVE-2024-24790 - Base Score: [9.8 CRITICAL]
### What did you expect to happen?
No critical or high vul…
-
**Describe the bug**
The OSV.dev implementation of impact analysis diverges from the [specification](https://ossf.github.io/osv-schema/#evaluation) for `fixed` events. They seem to be treated like …
-
Add a new strategy / set of API to support the new OpenSSF project OSV: https://osv.dev/
Also see the official GitHub repository: https://github.com/ossf/malicious-packages
-
osv-scanner depends on a gradle lock file, not all projects are configured to generate such a file. It could be possible to obtain the resolved dependencies without a lock file and use that to call th…
-
Currently, we don't support git-lfs when checking out git sources.
E.g. https://github.com/jasinner/redhat-osv (at time of writing) uses git-lfs, and we're failing to import them with logs like:
…