search

fasten-project / vulnerability-producer

Gathers, enriches and publishes vulnerability information to a Kafka topic.
https://www.fasten-project.eu/
Apache License 2.0
6 stars 3 forks source link

Invalid CVE ids in the DB #101

Closed cg122 closed 2 years ago

cg122 commented 2 years ago

This issue records found invalid CVE id in the DB and may help to track where they come from in vulnerability processing.

CVE-2016-3092 is valid.

http://research-fasten:9001/api/mvn/vulnerabilities/CVE-2016-3092-FU

CVE-2016-5007 is valid.

http://research-fasten:9001/api/mvn/vulnerabilities/CVE-2016-5007-SEC

CVE-2017-4995 is valid, and related to Spring Security. However, CVE-2017-4995-JK mapped to FasterXML:jackson-databind

MagielBruntink commented 2 years ago

FIxed in b582e879f2c89734180c23793fcbaacf3d2ee0d5.