Add support for QEMU project

iridium-soda / VulnCodeCollector

A lightweight tool designed to automatically crawl CVE-related source code, with the capability to export content in a readable database format(i.e. 多维表格) for applications like Lark or Tencent Docs.

Apache License 2.0

0 stars 0 forks source link

Add support for QEMU project #6

Closed iridium-soda closed 1 month ago

iridium-soda commented 1 month ago

QEMU在GitHub有开源项目，位置在 https://github.com/qemu/qemu ，但CVE信息中并没有ref直接指向该项目而是给了http://git.qemu-project.org/?p=qemu.git;a=commit;h=df8bf7a7fe75eb5d5caffa55f5cd4292b757aea6 （该网站已废弃），其中的commit sha是对应https://github.com/qemu/qemu/commit/df8bf7a7fe75eb5d5caffa55f5cd4292b757aea6 因此可以解析出来自动爬取。

iridium-soda commented 1 month ago

To prove this, see CVE-2015-8666. Some CVEs related to QEMU have correct commit URLs but others do not.

iridium-soda commented 1 month ago

fixed.