go-cve-dictionary icon indicating copy to clipboard operation
go-cve-dictionary copied to clipboard

Published 20 hours ago verified publisher icon vulsio

NVD data feeds to be deprecated by the end of 2023

Open jbmaillet opened this issue 2 years ago • 1 comments

In case you didn't noticed:

In late 2023, the NVD will retire its data feeds while working to guide any legacy users to updated application-programming interfaces (APIs).

I do not consider this good news. Last time I checked the web API, it did not seem handy at all to me (of course throttling, but also date range required for CVE on CPE version X required, paginated replies with pages to be retrieved one by one...)

In any case, I still consider that having a true database replication of the NVD like go-cve-dictionary provide to be of crucial importance, both for better performances and custom requests. I understand, of course, that this would require a re-architecture of the project.

I open this "feature request" 1 year and a half in advance, just so that you know that at least for me:

  • I do not consider the NVD web API as a replacement for a true replicated database.
  • I hope to still be able to use go-cve-dictionary by the end of 2023.

jbmaillet avatar Aug 05 '22 07:08 jbmaillet

See also: https://github.com/vulsio/go-cpe-dictionary/issues/88 Any one could be considered a duplicate, but the issue must be considered at some point.

jbmaillet avatar Oct 17 '22 12:10 jbmaillet