Comments (1)
Hi @lukas-braune thanks for reaching out!
Unfortunately we're unable to merge duplicate advisories right now. That's a known issue for us and one we hope to someday address, but it would take a pretty steep engineering investment so it's not on the near-term roadmap. That said, we are tracking advisories we should merge once we have that ability and we've added this one to the list.
If something like this comes up today, we would normally favor the maintainer-generated advisory and withdraw the other. Unfortunately in this particular pairing, the non-maintainer-generated advisory is coming from our friends at RustSec, so withdrawing it means we would lost any updates that RustSec may publish.
TLDR we're not going to take any action on this today, but we acknowledge it is annoying and we are sorry for that.
I'll keep this issue open in case others want to chime in!
from advisory-database.
Related Issues (20)
- cve-2023-44487 HOT 2
- GHSA-679j-53p9-4q59 HOT 1
- advise
- Missing CVE-2023-44487 advisory for Apache Tomcat HOT 3
- Removal of advisory for internal package (GHSA-8m6q-xfx2-69c2) HOT 1
- Repo specific advisories with CVE IDs don't make it into the global set HOT 3
- gen-mapping is listed as malware HOT 3
- https://github.com/advisories/GHSA-257q-pv89-v3xv lists Nuget twice. HOT 2
- Inconsistent package identifier format for vulnerabilities in the Swift ecosystem HOT 1
- include advisories from Snyk HOT 3
- arduino-ide-extension marked as malware HOT 13
- List Perl as an environment HOT 8
- NPM IP package warning overstates danger HOT 2
- GHSA-5mwm-wccq-xqcp contains an incorrect reference HOT 3
- New Rails vulnerabilities have been disclosed. HOT 1
- www.google.com
- nogot HOT 1
- GHSA-cqhr-jqvc-qw9p has an invalid CVE id and appears to be a duplicate of GHSA-g66q-grxc-64j3 HOT 1
- Add C/C++ ecosystem like conan. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from advisory-database.