Code Monkey home page Code Monkey logo

Comments (4)

p7e4 avatar p7e4 commented on August 18, 2024

从CVE公开到被NVD分析完成是需要时间的,所以CVSS评分在大部分的时候估计都是不可用的
至于消息格式,我觉得可以提供一个模板以方便用户自定义

from cve-alert.

cantgis avatar cantgis commented on August 18, 2024

赞同,CVSS得三天后才能知道,不过一般HW行动基本上也有这么时效性,也可以保留不需要显示该评分。

截图是我本地调用webhook整的一个“模拟输出”消息模板。

缺少几个关键变量用于引用。

  • 漏洞命中关键词:xxx
  • 漏洞编号:xxx
  • 公开日期:xxx (北京时间)
  • CNA来源: xxx
  • 漏洞描述:xxx"
  • 参考文献:xxx

提供一个模板也可以,用于组合消息产出的格式。

from cve-alert.

cantgis avatar cantgis commented on August 18, 2024

也可以产出一个开关设置:延迟3天推送消息,这样能获得评分级别,严重级别和漏洞产商(具体漏洞所属的软件名)

希望每次推送一条,参考文献上加固定的两个链接输出:(每次直接手机能预览漏洞的官网)
https://nvd.nist.gov/vuln/detail/CVE-xxxx-xxxx
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-xxxx-xxxx

from cve-alert.

p7e4 avatar p7e4 commented on August 18, 2024

也可以产出一个开关设置:延迟3天推送消息,这样能获得评分级别,严重级别和漏洞产商(具体漏洞所属的软件名)

这样会导致大量重复消息且缺乏时效性,如果该漏洞很重要你可以自己研究或者收藏起来

希望每次推送一条,参考文献上加固定的两个链接输出:(每次直接手机能预览漏洞的官网) https://nvd.nist.gov/vuln/detail/CVE-xxxx-xxxx https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-xxxx-xxxx

这两者的内容并没有太大差距,不过你喜欢的话可以在模板中自定义

from cve-alert.

Related Issues (8)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.