search

cve-search / vulnerability-lookup

Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
https://cve-search.github.io/vulnerability-lookup/
GNU Affero General Public License v3.0
71 stars 9 forks source link

`details` in `osvSchema` as description #44

Open adulau opened 1 month ago

adulau commented 1 month ago

In GSD source, there is a description but under a different name.

https://vulnerability.circl.lu/vuln/gsd-2024-33903

    "osvSchema": {
      "aliases": [
        "CVE-2024-33903"
      ],
      "details": "In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians or bicycles, in part because the collision sensor function is not exposed to the Blueprint library.",
      "id": "GSD-2024-33903",
      "modified": "2024-04-29T05:02:07.295775Z",
      "schema_version": "1.4.0"
    }

I propose to use this field as description for the GSD source in the UI.

Rafiot commented 1 month ago

The JSONs are fairly random in GSD, we cannot expect the details field to be there all the time. Should we use this one as a default if present and keep it as it is otherwise?

adulau commented 1 month ago

Yep only if it's present and keep the default one.