Comments (5)
Cool. Sorry about the confusion and thanks for the feedback 👍
from advisory-database.
@Geolim4 Looks like GitHub was the assigning CNA for that CVE and the score given was medium
https://nvd.nist.gov/vuln/detail/CVE-2019-16774
It's unclear to me why this popped back up, but we reset our GHSA score to align with the score sent to MITRE.
@darakian Weird, does it look like a bug to you?
No, I don't see any bug behavior here. Maybe we didn't score the initial issue properly and that's a conversation we can have if you feel strongly about the severity level, but given the values the behavior seems correct to me.
It's not that bad, I was just wondering why the severity was recalculated wrongly based on the CVSS score I calculated originally, but if it's OK from your POV, that's fine with me, even though it can look weird to repo maintainers.