Comments (6)
andresriancho
commented on August 24, 2024
That's an interesting question, the answer, at least for me is: "I don't know".
Right now the only two ""sponsors"" for this project are the Arachni and w3af projects, which are web scanners, thus all the vulnerabilities in this database would have the "website" or "http" tags (at least implicit). In the future this might change and someone (not me, and most likely not @Zapotek but I can't talk for him) might add vulnerabilities which are not web related.
It might be a good idea to prevent this future add-on of other vulnerabilities and tag all current vulnerabilities as "web", just in case.
Leaving open so we do that.
from data.
Zapotek
commented on August 24, 2024
@andresriancho Which brings up the question, is vulndb just for web vulns or everything is fair game?
from data.
andresriancho
commented on August 24, 2024
- The schema allows almost any type of vulns to be added.
- I'm not going to add any non-web vulns
- I'm not going to "block" any PRs for non-web vulns
Hope that clarifies my point of view
from data.
andresriancho
commented on August 24, 2024
Thank god for unittests. As you say it wasn't valid JSON, that made the test fail and after a couple of quick fixes: https://circleci.com/gh/vulndb/data/33
from data.
m0sth8
commented on August 24, 2024
@andresriancho It will be better if we merge develop to master with PR in the future. What do you think?
from data.
andresriancho
commented on August 24, 2024
Yeah, I should work on develop and then merge. The good thing is that I'm only breaking master for some seconds ;)
from data.
Related Issues (20)
- Add new vulnerabilities to database HOT 1
- Add new vulnerabilities to database (must-have)
- Write unittest to verify all JSON files comply with schema.json
- Write unittests required by specification HOT 2
- Avoid duplicated fix guidance HOT 6
- nmap might be interested in using vulndb/data
- Remove Arachni-specific tags
- Markdown: 1- vs 1. HOT 1
- Translate database in russian HOT 7
- Add WASC references to existing vulnerabilities in DB
- Add field to describe who is affected by vulnerability HOT 1
- Add CVSS HOT 5
- Move markdown out of JSON files HOT 5
- cwe IDs HOT 3
- Add reference to CWE/SANS Top 25 (2011) HOT 5
- php sdk HOT 10
- Move WASC TC v2 URLs to vulndb/data HOT 3
- Remove duplicated CWE data HOT 2
- Is this project still alive? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from data.