Alexandre Dulaunoy
Alexandre Dulaunoy
The roles seen are the following: - `admin` full access to everything including update of other comments or bundles or vulnerabilities - `commenter` allow to create new comment or edit...
Some additional CSAF sources - CISA - https://github.com/cisagov/CSAF - RedHat - https://access.redhat.com/security/data/csaf/v2/advisories/?extIdCarryOver=true&sc_cid=701f2000001OH7EAAW - Siemens - https://cert-portal.siemens.com/productcert/csaf/provider-metadata.json
- [x] https://www.cisco.com/.well-known/csaf - [x] https://wid.cert-bund.de/.well-known/csaf-aggregator/aggregator.json (listed some more CSAF feed)
Fixed.
Looks great! Maybe another tab for the `bundles` listing the reference if the vulnerability is referenced in a bundle.
@cedricbonhomme That would be ideal (maybe to have it optional).
@cedricbonhomme Good point. The description field should be indeed mandatory. For the array of vulnerabilities, it was just if we wanted to have the same descriptions for many vulnerabilities.
Yep it's not very clear. We can keep the issue and close it for historical purpose.
So the valuable source it's then in https://git.kernel.org/pub/scm/linux/security/vulns.git/tree/cve/published which also content the message-id reference along with the CVE and the raw data of the mbox file. So then it makes...
Thanks a lot for the work!