cve-bin-tool icon indicating copy to clipboard operation
cve-bin-tool copied to clipboard
verified publisher icon intel

Update EPSS URL

Open jgamblin opened this issue 8 months ago • 3 comments

Move EPSS URL From Cyentia to Empirical Security. https://epss.empiricalsecurity.com/epss_scores-current.csv.gz. ~~The old URL no longer works.~~ The URL is back but it is now a redirect and should be updated.

jgamblin avatar May 02 '25 21:05 jgamblin

They're both working for me right now. Is there an announcement somewhere about the change or is this an attempt to get us to do something sketchy? My apologies for being so suspicious if this wasn't a social engineering attempt, but we've been getting some really weird pull requests.

terriko avatar May 05 '25 17:05 terriko

hi @terriko,

I completely understand it sounds sketchy, but it is a real change. The URL was down for about a day or so but Cyentia turned back on the redirect for now.

Screenshot 2025-05-05 at 7 08 42 PM

All of the links on first.org have been updated to Empirical Security. https://www.first.org/epss/data_stats

@jayjacobs is from Empirical and can also verify if needed.

jgamblin avatar May 06 '25 00:05 jgamblin 

~$ curl -I https://epss.cyentia.com/epss_scores-current.csv.gz
HTTP/1.1 200 Connection established
Proxy-Agent: Fortinet-Proxy/1.0

HTTP/2 301
content-length: 0
location: https://epss.empiricalsecurity.com/epss_scores-current.csv.gz
date: Wed, 07 May 2025 23:14:08 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9f4bc08bf8fe4d53ba73713387d5ab3e.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C2
x-amz-cf-id: EJfEBnEGaFM5vC5QSW4i69Fr41eOdymE8F8kh6u5KFP9xUCcP8Rcuw==
age: 57

Confirmed the old URL is a 301 to the new URL. I'll go ahead and fire the CI.

stvml avatar May 07 '25 23:05 stvml