-
Notifications
You must be signed in to change notification settings - Fork 125
Pull requests: google/osv-scalibr
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
security: validate QCOW2 ClusterBits to prevent OOM from crafted headers
#1995
opened Apr 20, 2026 by
adilburaksen
Loading…
embeddedfs/vdi: add bounds check for BlocksInImage before slice allocation
#1994
opened Apr 20, 2026 by
adilburaksen
Loading…
embeddedfs/vmdk: limit zlib grain decompression to prevent memory exhaustion
#1993
opened Apr 20, 2026 by
adilburaksen
Loading…
PRP: Add Argo CD and Argo Workflows container image extractors
#1992
opened Apr 20, 2026 by
Amsamms
Loading…
fix: re-enable exhaustive lint for the switch in ecosystem parsing
#1991
opened Apr 20, 2026 by
Ly-Joey
Collaborator
Loading…
feat(extractor): Add Hugging Face Transformers config.json extractor
#1989
opened Apr 19, 2026 by
SteppL10n-prog
Loading…
Acceptance tests for secrets validator
#1987
opened Apr 16, 2026 by
alessandro-Doyensec
Collaborator
Loading…
8 tasks done
Rpm/add exploitability signals only to main repos packages
#1986
opened Apr 16, 2026 by
alessandro-Doyensec
Collaborator
Loading…
Fix/osduplicate testbed bugs
#1985
opened Apr 16, 2026 by
alessandro-Doyensec
Collaborator
Loading…
2 tasks done
Revise issue response time and add rules link
#1982
opened Apr 14, 2026 by
cuixq
Collaborator
Loading…
Harden Maven registry trust for pom.xml sourced entries
#1970
opened Apr 10, 2026 by
TristanInSec
Loading…
4 tasks done
Feature (secrets) : Added Alibaba cloud keys detector and validator
#1946
opened Apr 9, 2026 by
saurabhb-dev
Contributor
Loading…
4 tasks done
Update javascript/packagejson to support line numbers.
#1943
opened Apr 7, 2026 by
copybara-service
bot
Loading…
Update java/pomxml to support line numbers.
#1942
opened Apr 7, 2026 by
copybara-service
bot
Loading…
PRP: Add MongoDB Atlas API key secret extractor and validator
#1939
opened Apr 6, 2026 by
Amsamms
Loading…
Add NuGet.org API Key secret extractor and validator
#1936
opened Apr 5, 2026 by
Amsamms
Loading…
3 of 4 tasks
fix: alpine version transitivity issues with invalid versions
#1932
opened Apr 2, 2026 by
michaelkedar
Member
Loading…
clients/datasource: reject non-HTTPS Maven registry URLs when credentials configured
#1931
opened Apr 2, 2026 by
djvirus9
Loading…
Migrate EmbeddedFS extractors to use tempdir utility
#1912
opened Mar 29, 2026 by
0xXA
Contributor
Loading…
PRP: Add AMQP/AMQPS credential validation for RabbitMQ URLs
#1910
opened Mar 29, 2026 by
Amsamms
Loading…
tempdir: add temporary directory management utility
#1904
opened Mar 24, 2026 by
0xXA
Contributor
Loading…
fix(b/400910349): move ScanRoot from Package to PackageLocation
#1902
opened Mar 22, 2026 by
0xXA
Contributor
Loading…
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.