search

fasten-project / vulnerability-producer

Gathers, enriches and publishes vulnerability information to a Kafka topic.
https://www.fasten-project.eu/
Apache License 2.0
6 stars 3 forks source link

CVE-2021-44228 - Too many PURLs #123

Open mir-am opened 2 years ago

mir-am commented 2 years ago

For CVE-2021-44228, the producer adds too many non-Maven PURLs that might not be affected by the vulnerability.

MagielBruntink commented 2 years ago

This seems fine: https://api.fasten-project.eu/api/mvn/vulnerabilities/CVE-2021-44228

But this not: https://api.fasten-project.eu/api/pypi/vulnerabilities/CVE-2021-44228