{"id":14483132,"url":"https://github.com/ossf/osv-schema","last_synced_at":"2025-05-16T09:03:41.322Z","repository":{"id":37885313,"uuid":"389777641","full_name":"ossf/osv-schema","owner":"ossf","description":"Open Source Vulnerability schema. ","archived":false,"fork":false,"pushed_at":"2025-04-30T04:02:25.000Z","size":660,"stargazers_count":198,"open_issues_count":38,"forks_count":93,"subscribers_count":31,"default_branch":"main","last_synced_at":"2025-05-02T19:42:28.621Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://ossf.github.io/osv-schema/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ossf.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-07-26T21:55:15.000Z","updated_at":"2025-04-30T04:02:30.000Z","dependencies_parsed_at":"2024-01-17T08:17:11.321Z","dependency_job_id":"f7c09ac2-b4c5-4444-8434-50ed0ae086e0","html_url":"https://github.com/ossf/osv-schema","commit_stats":null,"previous_names":[],"tags_count":18,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fosv-schema","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fosv-schema/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fosv-schema/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossf%2Fosv-schema/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ossf","download_url":"https://codeload.github.com/ossf/osv-schema/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254501554,"owners_count":22081528,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-09-03T00:01:32.599Z","updated_at":"2025-05-16T09:03:41.308Z","avatar_url":"https://github.com/ossf.png","language":"Python","funding_links":[],"categories":["Python","Go"],"sub_categories":[],"readme":"# Open Source Vulnerability Schema\n\nThe Open Source Vulnerability (OSV) schema provides a human and machine readable data format to describe vulnerabilities in a way that precisely maps to open source package versions or commit hashes. \n\nThis format is currently exported by:\n- [AlmaLinux](https://github.com/AlmaLinux/osv-database)\n- [Bitnami Vulnerability Database](https://github.com/bitnami/vulndb)\n- [Chainguard](https://packages.cgr.dev/chainguard/osv/all.json)\n- [Curl](https://curl.se/docs/vuln.json)\n- [GitHub Security Advisories](https://github.com/github/advisory-database)\n- [Global Security Database](https://github.com/cloudsecurityalliance/gsd-database)\n- [Go Vulnerability Database](https://github.com/golang/vulndb)\n- [Haskell Security Advisories](https://github.com/haskell/security-advisories)\n- [LoopBack Advisory Database](https://github.com/loopbackio/security/tree/main/advisories)\n- [Malicious Packages Repository](https://github.com/ossf/malicious-packages)\n- [Mageia Advisories](https://advisories.mageia.org/)\n [MinimOS](https://packages.mini.dev/advisories/osv/all.json)\n [OSS-Fuzz](https://github.com/google/oss-fuzz-vulns)\n- [OSV.dev maintained converters](https://github.com/google/osv.dev#current-data-sources) (Debian, Alpine, NVD)\n- [PyPI Advisory Database](https://github.com/pypa/advisory-database)\n- [Python Software Foundation Database](https://github.com/psf/advisory-database)\n- [RConsortium Advisory Database](https://github.com/RConsortium/r-advisory-database)\n- [Red Hat](https://security.access.redhat.com/data)\n- [Rocky Linux](https://distro-tools.rocky.page/apollo/openapi/#osv)\n- [Rust Advisory Database](https://github.com/RustSec/advisory-db)\n- [SUSE](https://www.suse.com/support/security/)\n- [Ubuntu](https://github.com/canonical/ubuntu-security-notices/)\n- [VMWare Photon OS](https://github.com/vmware/photon/wiki/Security-Advisories) (unofficial)\n\nTogether, these include vulnerabilities from:\n- AlmaLinux\n- Alpine\n- Android\n- Bitnami\n- Chainguard\n- crates.io\n- Debian GNU/Linux\n- GitHub Actions\n- Go\n- Haskell\n- Hex\n- Linux kernel\n- Mageia\n- Maven\n MinimOS\n- npm\n- NuGet\n- openSUSE\n- OSS-Fuzz\n- Packagist\n- Photon OS\n- Pub\n- PyPI\n- Python\n- R (CRAN and Bioconductor)\n- Red Hat\n- SUSE\n- Rocky Linux\n- RubyGems\n- Ubuntu\n\nThese vulnerabilities are aggregated by \u003chttps://osv.dev\u003e.\n\nJoin the discussion in the [OpenSSF Slack](https://slack.openssf.org/) channel [#osv_schema](https://openssf.slack.com/archives/C03K6SZBH2S)\n\nReference tooling (e.g. converters) can be found in the [tools/](tools) directory\n\nThe current version of the specification is rendered [here](https://ossf.github.io/osv-schema/).\n\nThe OSV-Schema specification and the tools here are maintained by the [Open Source Security Foundation (OpenSSF)](https://openssf.org/) [Vulnerability Disclosures Working Group (WG)](https://github.com/ossf/wg-vulnerability-disclosures).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fosv-schema","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fossf%2Fosv-schema","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossf%2Fosv-schema/lists"}