Alexandre Dulaunoy
Alexandre Dulaunoy
@jbmaillet In any case, thanks for the feedback.
Maybe the easiest would be a very simple approach like we do for misp-galaxy. We have a set of keys for the collection like `name`, `description`, `creator`, `last_updated`, `list_of_vulnerability_references` and...
Could we imagine a fuzzy strategy for the different sources? where approximate results are calculated in another set? Like we did for cpe-guesser https://github.com/cve-search/cpe-guesser
Maybe starting with a new importer like the GSD source [GSD-database](https://github.com/cloudsecurityalliance/gsd-database) would be a good example of a second ID and also how to map the existing CVE with the...
New extensions - Allow to have a web interface similar to the original version cve-search - Allow to have an admin interface (also expose via the API) to easily create...
Potential new source to add - https://www.variotdbs.pl/vulns/
@Rafiot https://github.com/cve-search/vulnerability-lookup/issues/42 that would be an interesting candidate but it's using the ADP extension of CVE. Not exactly sure the best way to do it.
All the original design is now implemented and more. We can close the issue.
Thanks for the feedback. We will close the issue.
Yep a replacement is clearly needed for the SQL injection detection module or we fork it and continue to maintain it. The issue it's two software packages, the Python library...