Automatic CVEs - Githubissues

418sec / huntr

Public Roadmap | huntr.dev

https://huntr.dev

265 stars 90 forks source link

Automatic CVEs #2157

Closed psmoros closed 2 years ago

psmoros commented 2 years ago

Pitch

Currently, we assign CVEs manually. It takes time, it doesn't scale and researchers don't know if a given report will earn them a CVE. With this initiative, researchers will be informed – from the beginning – if their report will receive a CVE and publish the CVE automatically once the maintainer fixes the reported vulnerability.

Features

[x] Automatically publish CVEs to the MITRE database
[x] As a maintainer, I want to tell huntr which version ranges of my product are vulnerable and which are safe in order for the security advisory to be accurate
[x] As a researcher, I want to know if my report is eligible for a CVE as soon as I chose a target repo and a vulnerability type

Deadline

Nov 26th 2021

psmoros commented 2 years ago

Progress Update

[x] As a researcher, I want to know if my report is eligible for a CVE as soon as I chose a target repo and a vulnerability type

unknown

psmoros commented 2 years ago

Delivered 10 days ago :)