From 40d1549377b4aaa891fe21630e53a66c9f91d25b Mon Sep 17 00:00:00 2001 From: Caleb Brown Date: Thu, 1 Feb 2024 00:15:11 +0000 Subject: [PATCH] Add Malicious Packages and the "MAL" id namespace. Signed-off-by: Caleb Brown Signed-off-by: Caleb Brown --- README.md | 1 + docs/schema.md | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/README.md b/README.md index f9bc9f4b..4f542ed1 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,7 @@ This is the repository for the Open Source Vulnerability schema (OSV Schema), wh - [Go Vulnerability Database](https://github.com/golang/vulndb) - [Haskell Security Advisories](https://github.com/haskell/security-advisories) - [LoopBack Advisory Database](https://github.com/loopbackio/security/tree/main/advisories) +- [Malicious Packages Repository](https://github.com/ossf/malicious-packages) - [OSS-Fuzz](https://github.com/google/oss-fuzz-vulns) - [OSV.dev maintained converters](https://github.com/google/osv.dev#current-data-sources) (Debian, Alpine, NVD) - [PyPI Advisory Database](https://github.com/pypa/advisory-database) diff --git a/docs/schema.md b/docs/schema.md index 5f32c508..077206d7 100644 --- a/docs/schema.md +++ b/docs/schema.md @@ -277,6 +277,17 @@ The defined database prefixes and their "home" databases are: + + MAL + Malicious Packages Repository + + + + OSV Advisories allocated by OSV.dev (currently only from OSS-Fuzz)