A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
GitHub advisories provide the severity "MODERATE" and as a result VulnerableCode does also provide this severity which according to the specification should be "MEDIUM" instead.
GitHub advisories provide the severity "MODERATE" and as a result VulnerableCode does also provide this severity which according to the specification should be "MEDIUM" instead.
For example, this severity is classified as "MODERATE" by GitHub: https://github.com/advisories/GHSA-c7mc-q43h-5672
It is reported by VulnerableCode as:
It would be good if VulnerableCode could map "MODERATE" to the correct "MEDIUM" in its API response.