dwflist
The DWF IDs (by distributedweaknessfiling)
advisory-database
Advisory database for Python packages published on pypi.org (by pypa)
| dwflist | advisory-database | |
|---|---|---|
| 2 | 5 | |
| 36 | 237 | |
| - | 0.0% | |
| 9.9 | 7.3 | |
| almost 3 years ago | 6 days ago | |
| Creative Commons Zero v1.0 Universal | Creative Commons Attribution 4.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dwflist
Posts with mentions or reviews of dwflist.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-06-24.
-
Google's unified vulnerability schema for open source supports Rust on launch
Today, we’re excited to announce a new milestone in expanding OSV to several key open-source ecosystems: Go, Rust, Python, and DWF.
-
Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution
We requested a CVE through DWF for this one and got CVE-2021-1000005. It is not yet replicated on the official CVE list. CVSS score according to an X-Force Vulnerability Report is 9.8.
advisory-database
Posts with mentions or reviews of advisory-database.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-07-09.
- LangChain Arbitrary Command Execution - CVE-2023-34541
-
pyscan v0.1.0: A python dependency vulnerability scanner, written in Rust.
source
-
Auditing your python environment
The second tool I want to introduce to you is pip-audit. It is maintained by folks at Trails of Bit with some Google support. It uses the Pypa Advisory Database via the PyPI JSON API as a source of vulnerability reports.
- Adding Auditing to Pip
-
Google's unified vulnerability schema for open source supports Rust on launch
Today, we’re excited to announce a new milestone in expanding OSV to several key open-source ecosystems: Go, Rust, Python, and DWF.
What are some alternatives?
When comparing dwflist and advisory-database you can also consider the following projects:
advisory-db - Security advisory database for Rust crates published through crates.io
pyscan - python dependency vulnerability scanner, written in Rust.