docs(vers): clarify what is (not) NVD

package-url / purl-spec

A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby

https://github.com/package-url/purl-spec

Other

696 stars 161 forks source link

Closed andrewpollock closed 2 weeks ago

andrewpollock commented 1 month ago

There's unfortunately a lot of confusion about where the boundaries are between the CVE Program's CVE List and NIST's NVD.

Ensure that the documentation here is not perpetuating misinformation and communicating unambiguously.