Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
cvelist
Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
-
cve-schema
This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published here. This repository is managed by the CVE Quality Working Group.
118955 entries don't even have an affected vendor/product software field, and neither with a valid version string and/or condition. They only contain plaintext descriptions and no version matching field either. Filed an issue here about it.
The upcoming v5 format is here: https://github.com/CVEProject/cvelist
I adopted JSON for the CVE data format when I invented it (https://github.com/CVEProject/cve-schema/tree/master/schema ) for two main reasons:
SQL won't prevent data errors any more than using JSON, you can have schema validation and the exact same data validation tooling, which we'd be more than happy to have, if you want to build this simply submit PR's against the tools repo: https://github.com/cloudsecurityalliance/gsd-tools
You might want to check OpenCVE: https://github.com/opencve/opencve