Alternatives and similar repositories for advisory-database

Users that are interested in advisory-database are comparing it to the libraries listed below

• pypa / pip-audit
  Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
  ☆1,177Updated 2 weeks ago
• package-url / packageurl-python
  Python implementation of the package url spec. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase…
  ☆85Updated last month
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆224Updated last week
• CycloneDX / cyclonedx-python
  CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
  ☆350Updated this week
• sonatype-nexus-community / jake
  Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
  ☆132Updated 7 months ago
• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆115Updated 5 months ago
• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆309Updated this week
• CycloneDX / cyclonedx-python-lib
  Functionality and DataModels of OWASP CycloneDX for Python
  ☆100Updated this week
• tonybaloney / pycharm-security
  Finds security holes in your Python projects from PyCharm and GitHub
  ☆348Updated 5 months ago
• psf / advisory-database
  This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)
  ☆39Updated this week
• dlint-py / dlint
  Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
  ☆174Updated 2 weeks ago
• twu / skjold
  Security audit Python project dependencies against security advisory databases.
  ☆66Updated 5 months ago
• spdx / tools-python
  A Python library to parse, validate and create SPDX documents.
  ☆231Updated last week
• CloudSecurityAlliance / gsd-database
  Global Security Database
  ☆317Updated last year
• DataDog / guarddog
  GuardDog is a CLI tool to Identify malicious PyPI and npm packages
  ☆957Updated this week
• pypa / gh-action-pip-audit
  A GitHub Action for pip-audit
  ☆82Updated last week
• trailofbits / it-depends
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…
  ☆381Updated this week
• sethmlarson / pypi-data
  Data about packages and maintainers on PyPI
  ☆130Updated 3 months ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…
  ☆134Updated last month
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆71Updated 3 months ago
• vstinner / python-security
  Documentation of Python security
  ☆92Updated 5 months ago
• aboutcode-org / univers
  Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs…
  ☆38Updated 2 months ago
• facebook / sapp
  Post Processor for Facebook Static Analysis Tools.
  ☆140Updated this week
• avilum / secimport
  The first open-source eBPF sandbox for Python (macOS/Linux): Secure libraries, block RCE, and enforce precise syscall control. Dive into …
  ☆233Updated last month
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆45Updated last year
• pyupio / dparse
  A parser for Python dependency files
  ☆65Updated last year
• nilp0inter / cpe
  CPE: Common Platform Enumeration for Python
  ☆96Updated 3 months ago
• scanoss / purl2cpe
  PURL to CPE Relationship mapping project.
  ☆106Updated this week
• hugovk / top-pypi-packages
  A regular dump of the most-downloaded packages from PyPI
  ☆248Updated 2 weeks ago
• CycloneDX / gh-python-generate-sbom
  GitHub action to generate a CycloneDX SBOM for Python
  ☆14Updated last year