Groups
Sign in
Groups
osv-discuss
Conversations
About
Send feedback
Help
osv index and vuln discovery
48 views
Skip to first unread message
Mehdi Karimi
unread,
Aug 4, 2021, 6:56:46 PM
8/4/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to osv-discuss
How many of the oss packages are indexed or actually fuzzed?!
Is this a starter project?
For example, I am trying to query expat, version 2.2.5 and I see nothing returned! however, from the expat site, I see there is vuln with 2.2.5.
url = "
https://api.osv.dev/v1/query
"
myjson = {"version": "2.2.5", "package": {"name": "expat", "ecosystem": "OSS-Fuzz"}}
x =
requests.post
(url, json = myjson)
print(x.text)
I also tried packages listed below with the PyPI ecosystem but nothing returns!
https://jfrog.com/blog/malicious-pypi-packages-stealing-credit-cards-injecting-code/
Reply all
Reply to author
Forward
0 new messages