vulnrichment

A repo to conduct vulnerability enrichment.

Results 22 vulnrichment issues

Looking at CVE-2024-5245, I saw the CISA ADP had, what I thought to be, a questionable version string.

```json
"affected": [
  {
    "cpes": [
      "cpe:2.3:a:netgear:prosafe_network_management_system:1.7.0.34:*:*:*:*:*:*:*"
    ],
    "vendor": "netgear",
    "product": "prosafe_network_management_system",...
```

You have around 1000 files with "version": "*" exactly 7 lines after a CPE like: https://github.com/cisagov/vulnrichment/blob/c31752fa4a9da78d1b6af62037ea7112a6b7d584/2024/36xxx/CVE-2024-36076.json#L90-L97 but I think you meant 0 (I guess for all 1000) because * means...

bug
cpe

# 🐛 Summary # For some CVEs, the SSVC values sometimes start with uppercase values and sometimes lowercase values. ## To reproduce ## Examples - Automatable - No: -...

bug
ssvc

# 💡 Summary # Include a JSON schema definition for KEV data in `metrics`. The data also exists in `timeline`, but that data is formatted for and can be validated...

documentation
improvement

# Summary # How should CNA updates to CVE Records be handled, specifically updates made *after* enrichment? ## Motivation and context ## The current process does not add enriched data...

documentation
question

CPEs provided for some of the Intel CVEs published on August 14 were incorrect; for example, acronyms were used in CPEs where previous NVD assigned CPEs for the same products...

cpe

# 🐛 Summary # Thanks for the swift response team on #94. Raising this one as a follow-up issue from #94. Clarify the following plz - I can see...

question
cpe

https://github.com/cisagov/vulnrichment/blob/6a33bf2996451d4f5ebadba4d04509d7d4f3f70b/2023/38xxx/CVE-2023-38831.json#L113 Suppose that I wish to quickly check whether CVE-2023-38831 is used in ransomware campaigns. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-38831 leads to a page on which the information about CVE-2024-29988 is shown at the...

blocked
feature
kev

The CISAADP container has the affected.vendor, affected.product, and affected.versions fields in at least several hundred CVE Records, but nothing in https://github.com/cisagov/vulnrichment/blob/034bc878aecbbc99cc211b0ceafa3fc53ddb5459/README.md mentions that this should be occurring. Also, in at...

blocked
bug
cpe

This is purely a suggestion, but the way data is stored in the "containers.adp.metrics.other.content.options" is suboptimal. All of the records at the time I created this issue are encoded this...

blocked
feature
ssvc