forked fromossf/osv-schema
- Notifications
You must be signed in to change notification settings - Fork0
Open Source Vulnerability schema.
License
NotificationsYou must be signed in to change notification settings
mjpitz/osv-schema
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
This is the repository for the Open Source Vulnerability schema (OSV Schema), which is currently exported by:
- AlmaLinux
- Bitnami Vulnerability Database
- Chainguard
- Curl
- GitHub Security Advisories
- Global Security Database
- Go Vulnerability Database
- Haskell Security Advisories
- LoopBack Advisory Database
- Malicious Packages Repository
- Mageia Advisories
- OSS-Fuzz
- OSV.dev maintained converters (Debian, Alpine, NVD)
- PyPI Advisory Database
- Python Software Foundation Database
- RConsortium Advisory Database
- Red Hat
- Rocky Linux
- Rust Advisory Database
- SUSE
- Ubuntu
- VMWare Photon OS (unofficial)
Together, these include vulnerabilities from:
- AlmaLinux
- Alpine
- Android
- Bitnami
- Chainguard
- crates.io
- Debian GNU/Linux
- GitHub Actions
- Go
- Haskell
- Hex
- Linux kernel
- Mageia
- Maven
- npm
- NuGet
- openSUSE
- OSS-Fuzz
- Packagist
- Photon OS
- Pub
- PyPI
- Python
- R (CRAN and Bioconductor)
- Red Hat
- SUSE
- Rocky Linux
- RubyGems
- Ubuntu
These vulnerabilities are aggregated byhttps://osv.dev.
Join the discussion in theOpenSSF Slack channel#osv_schema
Reference tooling (e.g. converters) can be found in thetools/ directory
The current version of the specification is renderedhere.
The OSV-Schema specification and the tools here are maintained by theOpen Source Security Foundation (OpenSSF)Vulnerability Disclosures Working Group (WG).