Rage about CVE dataset quality(?)

• cvelistV5

  5 468 4.8

  CVE cache of the official CVE List in CVE JSON 5.0 format

  

118955 entries don't even have an affected vendor/product software field, and neither with a valid version string and/or condition. They only contain plaintext descriptions and no version matching field either. Filed an issue here about it.

• Loki

  12 3,219 5.7 Python

  Loki - Simple IOC and YARA Scanner (by Neo23x0)

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• cvelist

  4 1,225 10.0

  Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023

  

The upcoming v5 format is here: https://github.com/CVEProject/cvelist

• cve-schema

  2 210 5.3 HTML

  This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published here. This repository is managed by the CVE Quality Working Group.

  

I adopted JSON for the CVE data format when I invented it (https://github.com/CVEProject/cve-schema/tree/master/schema ) for two main reasons:

• gsd-tools

  1 39 6.9 Python

  Global Security Database Tools

  

SQL won't prevent data errors any more than using JSON, you can have schema validation and the exact same data validation tooling, which we'd be more than happy to have, if you want to build this simply submit PR's against the tools repo: https://github.com/cloudsecurityalliance/gsd-tools

• opencve

  21 1,618 4.4 Python

  CVE Alerting Platform

  

You might want to check OpenCVE: https://github.com/opencve/opencve

Suggest a related project