You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are now multiple data sources of vulnerabilities which can be used to assess components. Supporting more may provide more accurate reporting of vulnerabilities.
Why?
With the issues which the NVD is experiencing alternative sources of vulnerability information are now being used across industry.
Suggest supporting the data from CVE.org which contains CVE records in JSON format and includes additional information such as CVSS V4 scores and PURL records (will be supported from schema version 5.1).
Description
There are now multiple data sources of vulnerabilities which can be used to assess components. Supporting more may provide more accurate reporting of vulnerabilities.
Why?
With the issues which the NVD is experiencing alternative sources of vulnerability information are now being used across industry.
Suggest supporting the data from CVE.org which contains CVE records in JSON format and includes additional information such as CVSS V4 scores and PURL records (will be supported from schema version 5.1).
Anything else?
Other potential sources to consider are:
The text was updated successfully, but these errors were encountered: