vulndb
[mirror] The Go Vulnerability Database (by golang)
advisory-database
Advisory database for Python packages published on pypi.org (by pypa)
Our great sponsors
vulndb | advisory-database | |
---|---|---|
3 | 5 | |
538 | 238 | |
0.6% | 2.9% | |
9.7 | 7.3 | |
3 days ago | 4 days ago | |
Go | ||
GNU General Public License v3.0 or later | Creative Commons Attribution 4.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vulndb
Posts with mentions or reviews of vulndb.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-07-22.
-
GitHub brings supply chain security features to the Go community
With "Go vulnerability database", do you mean https://github.com/golang/vulndb?
-
What is the equivalent of "npm audit" in go?
An official vulnerability database for exactly that is in the making: https://go.googlesource.com/proposal/+/master/design/draft-vulndb.md https://github.com/golang/vulndb
-
Google's unified vulnerability schema for open source supports Rust on launch
Today, we’re excited to announce a new milestone in expanding OSV to several key open-source ecosystems: Go, Rust, Python, and DWF.
advisory-database
Posts with mentions or reviews of advisory-database.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-07-09.
- LangChain Arbitrary Command Execution - CVE-2023-34541
-
pyscan v0.1.0: A python dependency vulnerability scanner, written in Rust.
source
-
Auditing your python environment
The second tool I want to introduce to you is pip-audit. It is maintained by folks at Trails of Bit with some Google support. It uses the Pypa Advisory Database via the PyPI JSON API as a source of vulnerability reports.
- Adding Auditing to Pip
-
Google's unified vulnerability schema for open source supports Rust on launch
Today, we’re excited to announce a new milestone in expanding OSV to several key open-source ecosystems: Go, Rust, Python, and DWF.
What are some alternatives?
When comparing vulndb and advisory-database you can also consider the following projects:
nancy - A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
pyscan - python dependency vulnerability scanner, written in Rust.