Currently, we assign CVEs manually. It takes time, it doesn't scale and researchers don't know if a given report will earn them a CVE. With this initiative, researchers will be informed – from the beginning – if their report will receive a CVE and publish the CVE automatically once the maintainer fixes the reported vulnerability.
Features
[x] Automatically publish CVEs to the MITRE database
[x] As a maintainer, I want to tell huntr which version ranges of my product are vulnerable and which are safe in order for the security advisory to be accurate
[x] As a researcher, I want to know if my report is eligible for a CVE as soon as I chose a target repo and a vulnerability type
Pitch
Features
Deadline
Nov 26th 2021