
A repo to conduct vulnerability enrichment.

Results 22 vulnrichment issues

# 💡 Summary # Noticed that the affected object was getting repeated for each version number. https://github.com/cisagov/vulnrichment/blob/develop/2024/30xxx/CVE-2024-30378.json#L245-L326 ``` { "cpe": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", "vendor": "juniper", "product": "junos", "versions": [ { "status": "affected",...

cpe
feature

# 🐛 Summary # I am noticing a lot of dashes (-) in the generated CPE strings. An example is in [CVE-2024-1347](https://github.com/cisagov/vulnrichment/blob/5140a8995b4641d58fa9162d3694bd4d9ef681ed/2024/1xxx/CVE-2024-1347.json#L164) with the CPE of `"cpe": "cpe:2.3:a:gitlab:gitlab:-:*:*:*:-:*:*:*"`. According...

bug
cpe
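The dash question in the issue above comes down to CPE 2.3 semantics: in a formatted string `*` is the logical value ANY and `-` is NA (not applicable), so a dash in the version field is a claim that the product has no version, not a wildcard. The following parser is an added example, not code from the vulnrichment project or from CISA; it decodes a formatted string into its eleven attributes (honouring backslash-escaped colons), lists which attributes are NA, and implements a simplified "does this pattern cover that target" check (exact values only, no `?`/`*` wildcards inside values). The sample strings are the GitLab CPE quoted in the issue plus constructed ones.

```python
"""Added example (not from cisagov/vulnrichment): decode CPE 2.3 formatted strings."""
from typing import Dict, List

# Attribute order fixed by the CPE 2.3 formatted-string binding (after "cpe:2.3").
CPE_ATTRS = ["part", "vendor", "product", "version", "update", "edition",
             "language", "sw_edition", "target_sw", "target_hw", "other"]
ANY = "*"   # logical ANY
NA = "-"    # logical NA ("not applicable"), NOT a wildcard


def split_cpe(s: str) -> List[str]:
    """Split on ':' while keeping backslash escapes ('\\:' is a literal colon)."""
    fields, cur, i = [], [], 0
    while i < len(s):
        ch = s[i]
        if ch == "\\" and i + 1 < len(s):
            cur.append(s[i:i + 2])  # keep the escape pair; unescape() removes it later
            i += 2
            continue
        if ch == ":":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    fields.append("".join(cur))
    return fields


def unescape(v: str) -> str:
    """Drop the backslash quoting CPE 2.3 requires for punctuation in values."""
    out, i = [], 0
    while i < len(v):
        if v[i] == "\\" and i + 1 < len(v):
            out.append(v[i + 1])
            i += 2
        else:
            out.append(v[i])
            i += 1
    return "".join(out)


def parse_cpe23(s: str) -> Dict[str, str]:
    """Return {attribute: value}; ANY and NA are kept as the literal '*' and '-'."""
    fields = split_cpe(s)
    if len(fields) != 13 or fields[0] != "cpe" or fields[1] != "2.3":
        raise ValueError(f"not a CPE 2.3 formatted string: {s!r}")
    parsed = {name: (raw if raw in (ANY, NA) else unescape(raw))
              for name, raw in zip(CPE_ATTRS, fields[2:])}
    if parsed["part"] not in ("a", "o", "h"):
        raise ValueError(f"bad part {parsed['part']!r} (expected a, o or h)")
    return parsed


def na_attributes(s: str) -> List[str]:
    """Attributes explicitly set to NA, i.e. the dashes the issue is about."""
    return [name for name, value in parse_cpe23(s).items() if value == NA]


def cpe_covers(pattern: str, target: str) -> bool:
    """Simplified match: ANY covers anything, NA covers only NA, values must be equal."""
    p, t = parse_cpe23(pattern), parse_cpe23(target)
    for name in CPE_ATTRS:
        pv, tv = p[name], t[name]
        if pv == ANY:
            continue
        if pv == NA:
            if tv != NA:
                return False
            continue
        if tv in (ANY, NA) or pv.lower() != tv.lower():
            return False
    return True


if __name__ == "__main__":
    gitlab = "cpe:2.3:a:gitlab:gitlab:-:*:*:*:-:*:*:*"   # quoted in the issue above
    print(na_attributes(gitlab))                          # ['version', 'sw_edition']
    print(cpe_covers(gitlab, "cpe:2.3:a:gitlab:gitlab:16.1.0:*:*:*:*:*:*:*"))  # False
```

The last call is the practical consequence: a CPE with `-` in the version field does not cover any versioned GitLab CPE, so a consumer matching inventory against it would find nothing, whereas `*` would match every version.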

This sentence in the README is confusing _Producers and consumers of this CVE data should already be familiar with the current [JSON format](https://www.cve.org/Media/News/item/blog/2023/03/29/CVE-Downloads-in-JSON-5-Format), and can access this data in the...

documentation

# 🐛 Summary # Vendor string used for this xpdf CVE is `xpdf`. https://github.com/cisagov/vulnrichment/blob/develop/2024/4xxx/CVE-2024-4568.json#L136 NVD, however uses `glyphandcog` as the vendor, similar to `tukaani` for xz. https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=xpdf ## Expected behavior...

cpe

CPE Corrections on CVE-2023-5546

The CISA ADP has the wrong CPE/vendor/product for CVE-2023-6892. The vendor and product should be wpfactory and ean_for_woocommerce respectively. This is a different product from woocommerce: 1. https://wordpress.org/plugins/ean-for-woocommerce/#description 2. https://wordpress.org/plugins/woocommerce/...

For the CISA Coordinator options. For "Exploitation" can you clarify: 1. What are the sources used to determine Confirmed Exploitation and POC? 2. What is the process to ensure these...

CVE-2023-28330 is another vulnerability that the CISA ADP attributes to Linux/Linux Kernel, when it should in fact be [Moodle](https://moodle.org/mod/forum/discuss.php?d=445062). Additionally, the `versions` arrays are wrong. The CNA provided, as far...

CVE-2023-25399 [reportedly](https://web.archive.org/web/20230706040445/http://www.square16.org/achievement/cve-2023-25399/) affects SciPy before 1.10.0. The `versions` array didn't properly express this. Using `"lessThan":"1.10.0"` (which CISA already had) with `"version":"0"`, I believe, is the preferred way to describe the...
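Two of the issues above are about the shape of the CVE JSON 5 `affected` array: the Juniper record that repeats the whole object once per version, and the SciPy record where "before 1.10.0" is best written as a single range entry (`"version": "0"` with `"lessThan": "1.10.0"`). The script below is an added example, not code from the vulnrichment project or from CISA: it collapses duplicated `affected` objects into one object per cpe/vendor/product, evaluates a `versions` entry against a concrete version (exact value, `lessThan`, `lessThanOrEqual`, or an open upper bound of `*`), and falls back to the record's `defaultStatus` when no entry matches. The records in `SAMPLE_AFFECTED` are constructed for the example and use placeholder vendor names.

```python
"""Added example (not from cisagov/vulnrichment): merge and evaluate CVE 5 `affected` records."""
import json
from typing import Any, Dict, List, Tuple

# Constructed sample in the CVE JSON 5 `affected` shape: one range entry in the
# "version 0 / lessThan" style, and one product repeated once per version.
SAMPLE_AFFECTED: List[Dict[str, Any]] = json.loads("""
[
  {"vendor": "example", "product": "scipy",
   "cpe": "cpe:2.3:a:example:scipy:*:*:*:*:*:*:*:*",
   "defaultStatus": "unaffected",
   "versions": [{"status": "affected", "version": "0",
                 "lessThan": "1.10.0", "versionType": "semver"}]},
  {"vendor": "example", "product": "os",
   "cpe": "cpe:2.3:o:example:os:*:*:*:*:*:*:*:*",
   "versions": [{"status": "affected", "version": "21.1", "versionType": "custom"}]},
  {"vendor": "example", "product": "os",
   "cpe": "cpe:2.3:o:example:os:*:*:*:*:*:*:*:*",
   "versions": [{"status": "affected", "version": "21.2", "versionType": "custom"}]}
]
""")


def version_key(v: str) -> Tuple[int, ...]:
    """Dotted version -> tuple of ints; non-numeric components compare as 0."""
    parts = []
    for p in v.split("."):
        digits = "".join(ch for ch in p if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def compare(a: str, b: str) -> int:
    """-1/0/1; pads with zeros so that '1.10' and '1.10.0' compare equal."""
    ka, kb = version_key(a), version_key(b)
    n = max(len(ka), len(kb))
    ka += (0,) * (n - len(ka))
    kb += (0,) * (n - len(kb))
    return (ka > kb) - (ka < kb)


def version_in_entry(entry: Dict[str, Any], v: str) -> bool:
    """True if v falls inside one CVE 5 `versions` entry (exact or range)."""
    start = entry["version"]
    if "lessThan" in entry:
        upper = entry["lessThan"]
        return compare(v, start) >= 0 and (upper == "*" or compare(v, upper) < 0)
    if "lessThanOrEqual" in entry:
        upper = entry["lessThanOrEqual"]
        return compare(v, start) >= 0 and (upper == "*" or compare(v, upper) <= 0)
    return compare(v, start) == 0


def status_for(affected: List[Dict[str, Any]], vendor: str, product: str, v: str) -> str:
    """'affected' / 'unaffected' / 'unknown' for one vendor/product/version."""
    found, default = False, "unknown"
    for rec in affected:
        if rec.get("vendor") != vendor or rec.get("product") != product:
            continue
        found = True
        default = rec.get("defaultStatus", default)
        for entry in rec.get("versions", []):
            if version_in_entry(entry, v):
                return entry.get("status", "unknown")
    return default if found else "unknown"


def merge_affected(affected: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Collapse objects that share cpe/vendor/product into one, concatenating versions."""
    merged: Dict[Tuple[str, str, str], Dict[str, Any]] = {}
    for rec in affected:
        key = (rec.get("cpe", ""), rec.get("vendor", ""), rec.get("product", ""))
        target = merged.setdefault(key, {k: val for k, val in rec.items() if k != "versions"})
        target.setdefault("versions", [])
        for entry in rec.get("versions", []):
            if entry not in target["versions"]:   # drop exact duplicates
                target["versions"].append(entry)
    return list(merged.values())


if __name__ == "__main__":
    print(json.dumps(merge_affected(SAMPLE_AFFECTED), indent=2))
    for ver in ("1.9.3", "1.10", "1.10.0"):
        print("scipy", ver, status_for(SAMPLE_AFFECTED, "example", "scipy", ver))
```

The `1.10` versus `1.10.0` case is the one to watch when writing range checks by hand: a naive tuple comparison treats `(1, 10)` as less than `(1, 10, 0)` and would report 1.10 as affected, which is why `compare` pads before comparing.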

CVE-2023-5002 is a vulnerability affecting [pgAdmin](https://github.com/pgadmin-org/pgadmin4/issues/6763). Currently, CISA ADP indicates the vulnerability is associated with the Linux kernel. Additionally, according to Red Hat's [bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=2239164) and the pgAdmin [issue](https://github.com/pgadmin-org/pgadmin4/issues/6763), this was...