Nix-Security-WG / nix-local-security-scanner

Reports on which security advisories may be relevant for a given system or derivation
MIT License

Exclude particular CPEs from version and package name matching #2

Open raboof opened 11 months ago

raboof commented 11 months ago

Certain CPE vendors (such as apple in the case of Nix-Security-WG/nix-local-security-scanner#3 or redhat) or full CPEs (in the case of type74:ed) commonly refer to vendor-specific versions or products. We could selectively exclude those from matching to improve matching accuracy.
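One way the exclusion proposed in this issue could work, as an added example that is not part of the issue or the project's code: candidate CPEs are parsed and split into kept and excluded sets by vendor or by vendor:product pair. The function names, the exclusion lists (built from the names mentioned above) and the sample CPE strings are assumptions made for illustration.

```python
# Added example: exclusion lists are assumptions built from the names in the issue.
EXCLUDED_VENDORS = {"apple", "redhat"}
EXCLUDED_PRODUCTS = {("type74", "ed")}  # (vendor, product) pairs

ATTRS = ("part", "vendor", "product", "version", "update", "edition",
         "language", "sw_edition", "target_sw", "target_hw", "other")


def parse_cpe23(cpe):
    """Parse a CPE 2.3 formatted string into a dict, honouring backslash escapes."""
    prefix = "cpe:2.3:"
    if not cpe.startswith(prefix):
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe!r}")
    fields, cur, i, body = [], "", 0, cpe[len(prefix):]
    while i < len(body):
        if body[i] == "\\" and i + 1 < len(body):
            cur += body[i:i + 2]  # keep the escaped pair inside the current field
            i += 2
        elif body[i] == ":":
            fields.append(cur)
            cur = ""
            i += 1
        else:
            cur += body[i]
            i += 1
    fields.append(cur)
    if len(fields) != len(ATTRS):
        raise ValueError(f"expected {len(ATTRS)} attributes, got {len(fields)}")
    return dict(zip(ATTRS, fields))


def is_excluded(cpe):
    """True if the CPE should be left out of name/version matching."""
    try:
        parsed = parse_cpe23(cpe)
    except ValueError:
        return False  # unparseable input stays in matching, never silently dropped
    vendor, product = parsed["vendor"].lower(), parsed["product"].lower()
    return vendor in EXCLUDED_VENDORS or (vendor, product) in EXCLUDED_PRODUCTS


def partition(cpes):
    """Split candidate CPEs into (kept, excluded) so exclusions can still be reported."""
    kept = [c for c in cpes if not is_excluded(c)]
    return kept, [c for c in cpes if is_excluded(c)]


# Constructed sample CPEs, not taken from any advisory feed.
SAMPLE = ["cpe:2.3:a:gnu:ed:1.4:*:*:*:*:*:*:*", "cpe:2.3:a:type74:ed:*:*:*:*:*:*:*:*",
          "cpe:2.3:a:apple:safari:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openssl:1.0:*:*:*:*:*:*:*",
          r"cpe:2.3:a:some\:vendor:ed:1.0:*:*:*:*:*:*:*", "not-a-cpe"]
```

Returning the excluded list alongside the kept one lets a report show what was filtered, so an exclusion that is too broad is visible instead of hiding a relevant advisory.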