GHSA & NVD redundancy #4013
Unanswered
andreeaButerchi
asked this question in
Q&A
GHSA & NVD redundancy
#4013
Replies: 1 comment 1 reply
-
|
Hello! Any chance someone ran into a similar situation? and what would the recommended solution be? |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Did you ever get an answer on this? I am seeing the same behaviour. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
As NVD analysis takes longer and longer we activated the GHSA as Vulnerability Source (besides NVD)... But we end up having several times the same vulnerability:
Taking into account that if we check the GHSA ID we can find the reference of the NVD CVE. We were expecting to be able to get only once a unique vulnerability.
For example:
we have: GHSA-hr8g-6v94-x4m9
And also: GHSA-8xfc-gm6g-vgpv
I hope I'm missing some sort of configuration... or API option (currently we're using variant=withVulnerabilities)
Thank you very much for your help!
Best regards,
Andreea
Beta Was this translation helpful? Give feedback.
All reactions