CVE_Prioritizer icon indicating copy to clipboard operation
CVE_Prioritizer copied to clipboard
verified publisher icon TURROKS

Good enrichment of CVE data, try SSVC to add prioritisation

Open chrisdlangton opened this issue 1 year ago • 3 comments

As title states I look forward to seeing this project tackle the prioritisation problems

Consider the python-ssvc library from pypi.org as a guide on reaching a prioritisation decision or outcome

Happy to assist as I'm maintaining that library and I am also a member of the EPSS SIG and can offer you support there too.

I'm not just dumping the issue on you, I am offering to actively engage

chrisdlangton avatar May 25 '24 23:05 chrisdlangton

Hi @chrisdlangton, thanks for raising this issue.

I've been looking at CISA's vulnrichment as a way to bring SSVC into the project, but I wasn't aware about the python-ssvc. I would love to hear your thoughts and collaborate on this feature! please feel free to email me at [email protected]

TURROKS avatar May 27 '24 15:05 TURROKS

Hi, I´m just curious about if there any news about this? :)

Would be very good to have SSVC also on CVE_Prioririzer!

dr4lekhine avatar Mar 25 '25 15:03 dr4lekhine

Hi @dr4lekhine I did review the Vulnrichment repo but at that time only a portion of the CVEs had SSVC data, I'll take another look, it might be worth to add it even if only the new CVEs have SSVC data

TURROKS avatar Mar 25 '25 17:03 TURROKS