ra1nb0rn
commented
3 weeks ago Hi @pommfresser , Thank you very much for implementing this feature.
The PR looks really good to me, so I happily went ahead and accepted it. I also share your opinions about the suggestions and caching features for now.
I plan to do some more work on search_vulns in the coming days. After that, I will merge your feature into the master branch and the official public instance.
Hi, I implemented searching with vuln ids (CVEs and GHSAs) to have all information for vulns in one place. You can search with a comma-seperated list of vuln ids. CPE suggestions are disabled if a vuln ids query is detected. You could think about implementing suggestions for this type of query. It shouldn't be too much work, but I thought it is unnecessary for this context. Also, these queries aren't cached in the web server, since caching them wouldn't be needed and would just fill the cache unnecessarily. If a vuln id is not found in the database, the entry gets highlighted with a description of "NOT FOUND".