Closed zurada closed 6 days ago
:sparkles: Thank you for your interest in OSV.dev's data quality! :sparkles:
Please review our FAQ entry on how to most efficiently have this addressed.
Adding to this, the advisory also does not have an affected package
meaning that the API and tools like osv-scanner
won't actually report this vulnerability in most cases unless you're using depending on the ws
package via git directly, which is not going to be most people 😅
Thanks for flagging this. I've triggered a re-import of this entry and it is now showing up on osv.dev
The CVE ID https://osv.dev/vulnerability/CVE-2024-37890 Describe the data quality issue observed Aliased GHSA GHSA-3h5v-q93c-6h6q could not be found in OSV.dev despite of fact it's in the GHSA database https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-3h5v-q93c-6h6q/GHSA-3h5v-q93c-6h6q.json Suggested changes to record GHSA-3h5v-q93c-6h6q should be present in the OSV.dev unless the requester does not understand when GHSA should or should not be present (please clarify its logic)