golang / vulndb

[mirror] The Go Vulnerability Database
Other
565 stars 62 forks source link

Vulnerabilities sorted by Number not Date - no scoring #2889

Closed BoaThor closed 5 months ago

BoaThor commented 6 months ago

Acknowledgement

Description

I just wanted to make you aware that currently the CVEs are sorted by CVE-Number. That may lead to situations where user may miss important CVEs. Search for "Jun 5" and you will notice the problem. 77 new CVE released within the range of CVE-2024-2400 - CVE-2024-2900. Also please consider adding CVSS Score or proprietary scores to support researchers and developers to prioritize.

Affected Modules, Packages, Versions and Symbols

This is about a meta-level weakness in the vulnerability disclosure process.

CVE/GHSA ID

No response

Fix Commit or Pull Request

unfixed

References

none.

Additional information

If you want to know more about vulnerability disclosure process design, let me know.

tatianab commented 6 months ago

Hi, thanks for filing an issue. Which webpage you are referring to? As far as I am aware, the Go project does not have a feature to search CVEs by date.

(For future reference, this issue tracker is specifically for tracking vulnerabilities in Go, and meta-level issues related to the Go Project or Go Vulnerability Management should be filed on the golang/go issue tracker).