cisa_known_exploited is not in the dump (like the other sources)

cve-search / vulnerability-lookup

Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).

https://cve-search.github.io/vulnerability-lookup/

GNU Affero General Public License v3.0

71 stars 9 forks source link

cisa_known_exploited is not in the dump (like the other sources) #48

Closed adulau closed 1 week ago

adulau commented 1 week ago

cisa_known_exploited is not in the dump (like the other sources) when doing get_all.

Rafiot commented 1 week ago

This source doesn't have a proper identifier for each of the entries, they are only imported as meta for the CVEs. We create a local uuid for the storage, but it is arbitrary and will vary from one instance to the next, so I don't think it is a good idea to use it for an export. The source is also not listed on the recent page, for the same reason.

The meta entries will be in the get_all export for the CVEs if you pass the with_meta parameter to true. Or at least, they should.

adulau commented 1 week ago

Thanks it makes sense. So I'll try the with_meta everywhere ;-)