search

aboutcode-org / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
https://public.vulnerablecode.io
Apache License 2.0
537 stars 202 forks source link

Collect go announces #288

Open sbs2001 opened 3 years ago

sbs2001 commented 3 years ago

See https://groups.google.com/g/golang-announce

This is unstructured data, but we need it anyway.

Hritik14 commented 3 years ago

This could be of help too https://www.cvedetails.com/vulnerability-list/vendor_id-14185/Golang.html

pombredanne commented 3 years ago

@Hritik14

This could be of help too https://www.cvedetails.com/vulnerability-list/vendor_id-14185/Golang.html

Good find there does not seem to be anything special to it beyond the NVD and using the "Go" vendor from the CPE to isolate Go vulnerabilities. For instance https://www.cvedetails.com/cve/CVE-2019-14809/ seems to be all from NVD.

Per https://www.cvedetails.com/how-does-it-work.php

All data are taken from XML feeds provided by NVD (National Vulnerability Database) at http://nvd.nist.gov/download.cfm#RSS