Why does data/snyk.json contain duplicate entries?

mchmarny / vimp

Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.

Apache License 2.0

59 stars 4 forks source link

Open taechae opened 1 year ago

taechae commented 1 year ago

ie. 8 SNYK-DEBIAN11-SYSTEMD-3111119, CVE-2022-3821

Is there a difference between the 8 that I am missing?

mchmarny commented 1 year ago

Ye, these do look the same. No idea why snyk outputs dups, is that a function of the --app-vulns flag?

mchmarny commented 1 year ago

For now, there is a unique filter that removes the exposures that have the same ID, pkg, and version