You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
(both your examples cite the same commit hash, so I'm not sure which record you were referring to for your curl example, so I'll pick one at random)
For CVEs converted from the NVD, such as CVE-2019-1387, there is no summary-equivalent available, so they are omitted when the resulting OSV record is generated. I'm not sure about the utility of duplicating the entire details field into the summary field, as this feels like it's not in the spirit of how that field is intended to be used: https://ossf.github.io/osv-schema/#summary-details-fields
Describe the bug
Can we use one field for the CVE details?
There currently seems to be two fields to get the summary:
details
andsummary
.For example, git's cve only has a details field while curl's cve only has a summary field.
To Reproduce
For curl:
For git:
Expected behaviour
Can we have one consistent field to describe the CVE?
The text was updated successfully, but these errors were encountered: