Support CVE JSON 5.0 - Githubissues

aboutcode-org / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

https://public.vulnerablecode.io

Apache License 2.0

521 stars 190 forks source link

Support CVE JSON 5.0 #1015

Open armijnhemel opened 1 year ago

armijnhemel commented 1 year ago

Currently VulnerableCode only supports CVE JSON 4.0 but soonish reports will be coming in CVE JSON 5.0 format, which will be a richer format with (possibly) more data:

https://www.cve.org/Media/News/item/news/2022/01/11/Changes-Coming-to-CVE-Record https://www.cve.org/Media/News/item/blog/2022/01/18/CVE-List-Download-Formats-Are

I don't know when NVD starts publishing feeds in CVE JSON 5.0 format, but it might be good to be prepared.

pombredanne commented 1 year ago

@armijnhemel Thanks... this is timely as we are working on migrating the Apache httpd advisories to the new internal framework and they are using the NVD v4 We need to add v5 indeed.

TG1999 commented 7 months ago

https://github.com/CVEProject/cvelistV5/blob/main/cves/2023/1xxx/CVE-2023-1002.json it's an example of the format

TG1999 commented 7 months ago

Check the GH repo and API data is similar or not