Some bulletins are missing ?

Hello there,

Thank you for this great work but it seems that, according to my understanding, some bulletins are missing in the [`advisories` folder](https://github.com/github/advisory-database/tree/main/advisories) of this repository.

For instance, I can't find this bulletin: https://github.com/advisories/GHSA-gw4j-fhj8-497m (found with this [search request](https://github.com/advisories?query=type%3Amalware+PyProto2)).

Idem with "pymocks" ([GHSA](https://github.com/advisories?query=type%3Amalware+pymocks) and [OSV](https://osv.dev/vulnerability/MAL-2022-7426)):

```
┌──[/tmp/]
└─$ git clone https://github.com/github/advisory-database/ && cd /advisory-database/advisories

┌──[/tmp/advisory-database/advisories]
└─$ rg pymocks

┌──[/tmp/advisory-database/advisories]
└─$ grep -inr pymocks

┌──[/tmp/advisory-database/advisories]
└─$ grep -inr "GHSA-8rgr-xgx4-q7jq"

┌──[/tmp/advisory-database/advisories]
└─$ grep -inr "MAL-2022-7426"
```

Whereas it is present in the [`PyPi OSV dataset`](https://www.googleapis.com/download/storage/v1/b/osv-vulnerabilities/o/PyPI%2Fall.zip?generation=1721554855553821&alt=media):
```
$ unzip -l Pypi.zip |grep -i MAL-2022-7426
   2223  2024-07-21 09:37   MAL-2022-7426.json
```

Is there any reason for this repository not to contain all bulletins ?

Cheers!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Some bulletins are missing ? #4612

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Some bulletins are missing ? #4612

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions