-
Notifications
You must be signed in to change notification settings - Fork 319
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Why not every CVE collected in GHSA? #2451
Comments
unreviewed |
Hey @JustinB1eber, thank you so much for writing in about this. We do have one small gap in our data, which is advisories originated from a GitHub security advisory which get a CVE but which are not part of our supported ecosystems. This is a date flow error that we are planning to correct. Can you share any CVEs that you find which are not in our Advisory Database so I can confirm the issue is the same and that we don't have any other leaks? |
Accroding to the document, it seems that github security advisory database would collect every CVE from NVD
But I have seen a few CVEs not in GHSA, neither
reviewed
norunreviewed
, e.g. CVE-2023-31058The text was updated successfully, but these errors were encountered: