vulnerablecode icon indicating copy to clipboard operation
vulnerablecode copied to clipboard

Published 20 hours ago verified publisher icon nexB

Import Global Security Database

Open armijnhemel opened this issue 3 years ago • 7 comments

It might be useful to harvest the Global Security Database, a new project:

https://globalsecuritydatabase.org/ https://github.com/cloudsecurityalliance/gsd-database

Data is CC0-1.0 licensed.

armijnhemel avatar Apr 21 '22 19:04 armijnhemel

Moved from https://github.com/nexB/vulnerablecode/issues/790#issuecomment-1181077673

@joshbuker commented 12 hours ago

@TG1999 We should setup a time for the GSD and VulnerableCode folks to touch base, understand each other's efforts, and how we can work together.

pombredanne avatar Jul 12 '22 11:07 pombredanne

@joshbuker It would be great! tell us when could be a good time for you as we are a scattered around the globe. We also idle on this chat channel https://gitter.im/aboutcode-org/vulnerablecode

TG1999 avatar Jul 12 '22 12:07 TG1999

@TG1999 I sent you a direct message via gitter following up on this.

Looking forward to getting in touch!

joshbuker avatar Jul 15 '22 16:07 joshbuker

See this for an example of the data (note problems with vague version range): https://github.com/cloudsecurityalliance/gsd-database/commit/a03afb806f7ce38b8d4db2b8709799db26b93e78

DennisClark avatar Nov 14 '23 16:11 DennisClark

we also do not know how the data was gathered, especially the criteria for selection.

DennisClark avatar Nov 14 '23 16:11 DennisClark