Corrections Needed for Several Malware Attributions #2729
Labels
data quality
Issues with data quality
Comments
|
Hi @behnazh-w, thanks for reporting! OSV gets all malicious package information from upstream. To correct the record, could you please raise an issue there to provide feedback directly to the record's originator? FAQ: https://google.github.io/osv.dev/faq/#ive-found-something-wrong-with-the-data |
|
✨ Thank you for your interest in OSV.dev's data quality! ✨ Please review our FAQ entry on how to most efficiently have this addressed. |
|
Thank you, @hogo6002. I have opened an issue in the upstream repository: ossf/malicious-packages#660. |
|
Thanks Behnaz! Close this issue for now, feel free to reopen it if you have any other issues. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
As part of the Macaron package, we have identified several malicious Python packages in your records that have been incorrectly attributed to ReversingLabs as the FINDER. Two examples are the manyhttps and multiconnection packages. We are happy to provide confirmation emails from the PyPI security team for our reports. How can we share this information to update your records?
The text was updated successfully, but these errors were encountered: