Closed pombredanne closed 7 months ago
I took a took at that site, we can get the Recommendation
and Workaround
section of each case and use it in our AdvisoryData
summary
, apart from that, I see no scope of getting additional data related to Packages
.
Is that what you're referring to, in resolution data
? @pombredanne
@jayanth-kumar-morem I am not sure what you mean exactly. Say for instance this: https://csirt.divd.nl/cves/CVE-2023-22580/
Though I am not sure which one is right (if any)... in any case the point is that the advisory is about a package at https://sequelize.org/ and https://www.npmjs.com/package/sequelize and https://github.com/sequelize/sequelize
Same as #760
@armijnhemel Thanks! Marking as dupe of #760 in https://github.com/nexB/vulnerablecode/issues/760#issuecomment-1914756761
They track things like https://csirt.divd.nl/cases/DIVD-2023-00027/ There may be extra resolution data available there