search

nexB / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
https://public.vulnerablecode.io
Apache License 2.0
503 stars 184 forks source link

Add data in CSAF format from https://github.com/cisagov/CSAF #1315

Open pombredanne opened 9 months ago

pombredanne commented 9 months ago

reported by @mjherzog

We should add data in CSAF format from https://github.com/cisagov/CSAF

Note:

See also:

tehami02 commented 9 months ago

@pombredanne I think there are 1940 json files of CSAF data as its mentioned in their "index.txt" file. How do you want to add it to our project. Can you please provide more details.

aryangupta701 commented 5 months ago

Hi @pombredanne can you please assign this issue to me, so I can start working on it

pombredanne commented 5 months ago

@aryangupta701 we do not "assign" issues except for core team members :) ... You can just state here that you are working on it and this is enough for a start and thank you ++ for this BTW.

pombredanne commented 5 months ago

@tehami02 re

I think there are 1940 json files of CSAF data as its mentioned in their "index.txt" file. How do you want to add it to our project. Can you please provide more details.

We would import these CSAF data file as advisories, vulnerabilities and packages in our DB. That's the whole point of this issue.

aryangupta701 commented 5 months ago

Okay I am working on this issue. Thank you

ambuj-1211 commented 1 month ago

@ziadhany exactly what we need to do in this one, we have to make a simple importer or some kind of api, if api then what should be the endpoint?

ziadhany commented 1 month ago

@ambuj-1211 I think we need to import CSFA data and also support the vulnerability CSAF format