vulnerablecode icon indicating copy to clipboard operation
vulnerablecode copied to clipboard
verified publisher icon nexB

Incomplete reference collection in Metasploit ( missing affected/fixed commits )

Open ziadhany opened this issue 4 months ago • 2 comments

https://github.com/aboutcode-org/vulnerablecode/blob/dcb0511c73283654ab8a4ca340b71d6d9c5a16b9/vulnerabilities/pipelines/enhance_with_metasploit.py#L73

https://public.vulnerablecode.io/vulnerabilities/VCID-5drb-ng7e-aaaj?search=CVE-2013-0233 Missing a commit fix like this: https://github.com/rails/rails/commit/26e13c3ca71cbc7859cc4c51e64f3981865985d8

    "references": [
      "CVE-2013-0233",
      "OSVDB-89642",
      "BID-57577",
      "URL-http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/",
      "URL-http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html",
      "URL-https://github.com/rails/rails/commit/921a296a3390192a71abeec6d9a035cc6d1865c8",
      "URL-https://github.com/rails/rails/commit/26e13c3ca71cbc7859cc4c51e64f3981865985d8"
    ],
  • Related issue: #1697

ziadhany avatar Aug 29 '25 18:08 ziadhany

hello @ziadhany i would like to work on this issue could you please assign it to me..

sarafarajnasardi avatar Aug 31 '25 04:08 sarafarajnasardi

@sarafarajnasardi we do not "assign" issues, instead you should join the chat either on Slack or Matrix and engage with @ziadhany for advices.

pombredanne avatar Oct 08 '25 06:10 pombredanne