Inaccurate CPE product:endor - linux:acrn

cisagov / vulnrichment

A repo to conduct vulnerability enrichment.

Creative Commons Zero v1.0 Universal

399 stars 29 forks source link

Closed patrickmgarrity closed 1 month ago

patrickmgarrity commented 1 month ago

The CPEs for these CVE's use linux:acrn for product / version which appears to be inaccurate...

CVE-2023-1544 CVE-2023-28329 CVE-2023-28334

jwoytek-cisa commented 1 month ago

@patrickmgarrity Thank you! I've passed this up to the analysts to fix upstream. I'm holding the issue open until these are fixed.

jwoytek-cisa commented 1 month ago

These have been addressed by our analysts. Thank you!