search

cve-search / vulnerability-lookup

Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
https://vulnerability.circl.lu
GNU Affero General Public License v3.0
136 stars 16 forks source link

Bundles: Collection of vulnerabilities #33

Closed cedricbonhomme closed 4 months ago

cedricbonhomme commented 7 months ago

We discussed about the idea of having collections/sets of vulnerabilities.

Basically a collection has a name and a set of vulnerabilities.

The set of vulnerabilities can be cherry picked manually or via expressions created by the user (key/value) which will result in a dynamic collection. This can lead to nested queries in JSON objects. For example if we want the collection of vulnerabilities with an attackComplexity set to LOW. Just as example...

Maybe first implement static collections.

adulau commented 7 months ago

Maybe the easiest would be a very simple approach like we do for misp-galaxy. We have a set of keys for the collection like name, description, creator, last_updated, list_of_vulnerability_references and then a meta which could contain additional field set locally by the contributor.

cedricbonhomme commented 4 months ago

I just created a new branch dedicated to the development of the bundles feature. The draft JSON schema is here. It is quite close to the JSON schema for the comments, here.

The main difference is that the array related_vulnerabilities is now mandatory. I remove the filed ''vulnerability'' Comments have ''name''. Whereas bundles have a ''title''. The terminology is slightly different. But I can use the same terminology if you think that it's best.