ruby-advisory-db icon indicating copy to clipboard operation
ruby-advisory-db copied to clipboard

Published 20 hours ago verified publisher icon rubysec

[GHSA sync] handled related IDs

Open reedloden opened this issue 6 years ago • 2 comments

Sometimes we have multiple IDs combined together into one advisory.

One example of this is gems/bootstrap/CVE-2018-14040.yml. The GHSA sync script doesn't understand that CVE-2018-14042 is part of this same advisory.

reedloden avatar Jul 06 '19 15:07 reedloden

@rschultheis ^^

reedloden avatar Jul 17 '19 10:07 reedloden

The idea behind this issue is for the GHSA sync script to combine multiple GHSA advisories into one (fewer) ruby-advisory-db advisories and use related:/cvs: field and related:/ghsa: field because they are the "same" advisory.

jasnow avatar Jun 17 '23 14:06 jasnow