Giters

google / osv.dev

Open source vulnerability DB and triage service.

Home Page:https://osv.dev

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Inconsistency in query API output

boravinod145 opened this issue · comments

commented

Describe the bug
Query vuln for a package and version in query and querybatch APIs gives the different output.

To Reproduce
querying vulnerabilities for the package Jenkins with version 2.414.3
In query API:

curl -d \
 '{"version": "2.414.3","package": {"name": "jenkins","ecosystem": "Bitnami"}}'\
 "https://api.osv.dev/v1/query"

In batch query API:

curl -d \
'{"queries": [{"package": {"name": "jenkins","ecosystem": "Bitnami"},"version": "2.414.3"}]}' \
"https://api.osv.dev/v1/query"

Expected behavior
The output of both APIs (query+querybatch) for the same package and version should be matched.