-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Design and implementation of the vulnerability-lookup #1
Comments
Work in progress on that (branch
|
Maybe starting with a new importer like the GSD source GSD-database would be a good example of a second ID and also how to map the existing CVE with the GSD source too. |
New extensions
|
Some of the UI is implemented (search/list recent entries). Now let's discuss the system to create a new vulnerability. This is the form to report an advisory via github: Should it be similar to that? What is the minimal viable set of settings we want in the form? Then, how to we identify the advisory before it is assigned a CVE? And do we do that? If yes, one way is to do something similar to github with something like that: |
As found by @adulau , we should use this interface for edit/submit: And push it to vulnerability-lookup instead of CVE for the ones created by our constituants |
Open question regarding CVEList: it is more or less a duplicate of the NVD database, and it is not really possible to treat it as a new source. |
vulnerability-lookup project
vulnerability-lookup is a cve-search rewrite to support the following functionalities. This project will be a new software project under the cve-search organisation.
Functionalities
Core
/api/cve/
and/browse/
.Import
The text was updated successfully, but these errors were encountered: