Open cg122 opened 2 years ago
Improve merging vulnerabilities come from different sources. Two vulnerability are not identified identical but should be then presented twice in the KB. e.g. CVE-2-21-42392 and GHSA-h376-j262-vhq6
The CVE id (CVE-2021-42392) is also in the GHSA page ( https://github.com/advisories/GHSA-h376-j262-vhq6)
Currently, merging vulnerabilities based on the external id that could miss above mentioned case if CVE id is later updated by GHSA.
Improve merging vulnerabilities come from different sources. Two vulnerability are not identified identical but should be then presented twice in the KB. e.g. CVE-2-21-42392 and GHSA-h376-j262-vhq6
The CVE id (CVE-2021-42392) is also in the GHSA page ( https://github.com/advisories/GHSA-h376-j262-vhq6)
Currently, merging vulnerabilities based on the external id that could miss above mentioned case if CVE id is later updated by GHSA.