google / vulncode-db

Vulncode-DB project
https://www.vulncode-db.com
Apache License 2.0
575 stars 71 forks source link

Product names have duplicates or very similar names #82

Open bluec0re opened 3 years ago

bluec0re commented 3 years ago

Describe the bug The product name list contains a lot of duplicates (coming from the upstream NVD)

To Reproduce Steps to reproduce the behavior:

  1. Search for apache
  2. Find http_server (by apache) and apache_http_server (by apache)

Expected behavior Normalized list of products

Additional context The product names are coming from NVD and currently read only.

@felixwilhelm

sbs2001 commented 3 years ago

@bluec0re something like https://salsa.debian.org/security-tracker-team/security-tracker/-/blob/master/data/CPE/aliases would help to fix this to certain extent.

bluec0re commented 3 years ago

Thanks :) Not sure when I'll have the time to address this issue, but this alias list will definitively help!