
include vulnerabilities from other sources than NVD in exploit predictions graph

Open redaabdellah21 opened this issue 2 years ago • 2 comments

The enhancement may already be reported! Please search for the enhancement before creating one.

Current Behavior:

Vulnerabilities reported by OSS Index or GitHub are not in the exploit predictions graph.

Proposed Behavior:

Include these vulnerabilities in the graph so that we can prioritize their audit.

redaabdellah21, Aug 18 '22 09:08

EPSS is created and managed by the "first.org" team, who also created the CVSS Calculator for CVEs. DT mirrors the EPSS tables daily and represents them in the GUI. I believe you should address this enhancement to FIRST.

JN-CSIRT, Aug 18 '22 10:08

Hi @JN-CSIRT, thank you, I will try to contact them.

redaabdellah21, Aug 18 '22 10:08