Light

ethernodes-org / vulns Goto Github PK

View Code? Open in Web Editor NEW

This project forked from matthelonianxl/vulns

0.0 1.0 1.0 9 KB

Report missing advisories and corrections on OSS Index

vulns's Introduction

OSS Index Vulnerability Reporting

This repository is intended for reports of:

Advisories missing from OSS Index
Issues with vulnerabilities reported by OSS Index
Zero days: Not directly supported here, but please submit them to the Central Security Project whereupon they will find their way into OSS Index.

Thank you for the help!

What is an advisory, and how do I submit one?

An advisory is a vulnerability which is reported somewhere on the internet. It might be reported as:

A vulnerability on a vulnerability list somewhere
A security advisory published by a product owner
A note in a readme
A GitHub, Bugzilla, JIRA, or other issue against a project

To submit an advisory, create an issue which contains the following information. Note that the more fields you provide, the faster we will be able to add the advisory to our catelog. At a minimum the URL field is required:

Issue Title:

Advisory: <A brief description of the advisory>

Issue body:

  URL: <Advisory URL>
  format: <Ecosystem name, eg. maven, npm, nuget, pypi, rubygem, etc.>
  namespace: <maven groupid, npm scope, etc.>
  name: <package name>
  versions: <Version range affected by the vulnerability>

How do I report other problems in OSS Index data?

Sometimes OSS Index has false positives, or reported vulnerabilities are incomplete.

Issue Title:

Bug: <OSS Index vulnerability URL>

Issue body. Provide a description of the problem:

  <description of problem>

vulns's People

Contributors

Watchers

Forkers

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.