{"id":25887885,"url":"https://github.com/wolfi-dev/advisories","last_synced_at":"2025-04-10T00:16:39.115Z","repository":{"id":162110887,"uuid":"634897714","full_name":"wolfi-dev/advisories","owner":"wolfi-dev","description":"Security advisory data for Wolfi","archived":false,"fork":false,"pushed_at":"2025-04-09T20:34:24.000Z","size":33111,"stargazers_count":16,"open_issues_count":13,"forks_count":73,"subscribers_count":23,"default_branch":"main","last_synced_at":"2025-04-10T00:16:37.731Z","etag":null,"topics":["no-ghaudit-default-permissions"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wolfi-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-01T13:49:36.000Z","updated_at":"2025-04-09T19:01:32.000Z","dependencies_parsed_at":"2024-05-03T08:28:31.472Z","dependency_job_id":"d2f1ab40-58bb-42d0-8b5a-c8389a87a2c6","html_url":"https://github.com/wolfi-dev/advisories","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfi-dev%2Fadvisories","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfi-dev%2Fadvisories/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfi-dev%2Fadvisories/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfi-dev%2Fadvisories/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wolfi-dev","download_url":"https://codeload.github.com/wolfi-dev/advisories/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248131317,"owners_count":21052820,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["no-ghaudit-default-permissions"],"created_at":"2025-03-02T18:19:57.325Z","updated_at":"2025-04-10T00:16:39.092Z","avatar_url":"https://github.com/wolfi-dev.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# advisories\n\nSecurity advisory data for the Wolfi distribution.\n\n## Introduction\n\nThis repository is where we store Wolfi's security advisory data. Each Wolfi package is represented with a `\u003cpackage-name\u003e.advisories.yaml` file, if there are any advisories recorded for the given package.\n\nThe purpose of the advisory data is to record all investigated package vulnerabilities and indicate the latest understanding of whether or not the package is affected by the vulnerability.\n\n## Interpreting the data\n\nEach package advisories file in this repository has a list of one or more advisories. Each advisory is named by an ID (e.g. \"CVE-2023-12345\") and contains a list of timestamped events that describe the investigation of a vulnerability's impact on the given package.\n\n### Event Types\n\nFor a detailed look at the current event types, see the [Event Types](./docs/event_types.md) document.\n\n## Using the data\n\nThe best way to interact with the data in this repo is to use [`wolfictl`](https://github.com/wolfi-dev/wolfictl). Run `wolfictl advisory -h` to see a list of commands designed to interact with this dataset.\n\nFor example, to see advisories for every package in Wolfi:\n\n```console\n$ wolfictl advisory list\napko: CVE-2023-28840: fixed (0.7.3-r1)\napko: CVE-2023-28841: fixed (0.7.3-r1)\napko: CVE-2023-28842: fixed (0.7.3-r1)\nbind: CVE-2018-5736: fixed (9.18.10-r0)\n(and so on...)\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfi-dev%2Fadvisories","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwolfi-dev%2Fadvisories","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfi-dev%2Fadvisories/lists"}