joshbressers
commented
5 months ago I think we're too early to have this conversation. Perhaps someday. I'll leave this open so we don't forget.
Open prabhu opened 5 months ago
joshbressers
commented
5 months ago I think we're too early to have this conversation. Perhaps someday. I'll leave this open so we don't forget.
CVE project supports enhancing the record as an Authorized Data Publisher (ADP). The benefit of this approach is that the enhancement data can be supplied in a consistent CVE 5.0 schema as
adpContainerattributes. A given CVE 5.0 record could have multiple enhancements from multiple ADPs supporting workflows based on provider org id.References
https://github.com/CVEProject/cve-schema/blob/master/schema/v5.0/CVE_JSON_5.0_schema.json#L591 https://www.cve.org/Media/News/item/podcast/2021/12/14/Enhancing-CVE-Records-as-an