google / osv.dev

Open source vulnerability DB and triage service.
https://osv.dev
Apache License 2.0

combine-to-osv: withdraw rejected CVEs #2147

Open andrewpollock opened 4 months ago

andrewpollock commented 4 months ago

Describe the bug
While creating https://github.com/google/osv.dev/pull/2146 (off the back of https://github.com/google/osv.dev/pull/2129) it occurred to me that combine-to-osv doesn't mark rejected CVEs as withdrawn when converting them to OSV records, and I think they should be.

Expected behaviour
Rejected CVEs expressed as OSV records should be marked as withdrawn.

Screenshots
https://api.osv.dev/v1/vulns/CVE-2024-31745 is the example.
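
The behaviour requested above, as an added sketch that is not combine-to-osv's own code: a converter sets the OSV `withdrawn` timestamp when the source CVE is rejected. It assumes NVD-style input fields (`vulnStatus`, `lastModified`) and that the last-modified time stands in for the rejection time; `nvdCVE`, `osvRecord`, `toRFC3339` and `convert` are hypothetical names, and the sample record is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

type nvdCVE struct { // only the NVD-style fields this sketch reads (assumed input shape)
	ID           string `json:"id"`
	VulnStatus   string `json:"vulnStatus"`
	LastModified string `json:"lastModified"`
}
type osvRecord struct { // minimal OSV record; "withdrawn" is omitted unless set
	ID        string `json:"id"`
	Modified  string `json:"modified"`
	Withdrawn string `json:"withdrawn,omitempty"`
}

// toRFC3339 normalises a timestamp, with or without a zone, to the UTC form OSV uses.
func toRFC3339(ts string) (string, error) {
	for _, layout := range []string{time.RFC3339, "2006-01-02T15:04:05"} {
		if t, err := time.Parse(layout, ts); err == nil {
			return t.UTC().Format(time.RFC3339), nil
		}
	}
	return "", fmt.Errorf("unparseable timestamp %q", ts)
}

// convert (hypothetical name) maps one CVE to OSV and withdraws it if rejected.
func convert(raw []byte) (osvRecord, error) {
	var c nvdCVE
	if err := json.Unmarshal(raw, &c); err != nil {
		return osvRecord{}, err
	}
	mod, err := toRFC3339(c.LastModified)
	if err != nil {
		return osvRecord{}, fmt.Errorf("%s: %w", c.ID, err)
	}
	rec := osvRecord{ID: c.ID, Modified: mod}
	if c.VulnStatus == "Rejected" {
		rec.Withdrawn = mod // assumption: last modification stands in for the rejection time
	}
	return rec, nil
}

func main() { // constructed sample record, not real CVE data
	fmt.Println(convert([]byte(`{"id":"CVE-2099-0001","vulnStatus":"Rejected","lastModified":"2024-04-10T14:15:07.850"}`)))
}
```

A record that fails timestamp parsing returns an error instead of being emitted without `withdrawn`, so a rejected CVE cannot pass through silently as a live vulnerability.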

github-actions[bot] commented 1 month ago

This issue has not had any activity for 60 days and will be automatically closed in two weeks.