Skip to content

CVEs with product set to N/A might be missed #34

New issue
New issue
Open
Open
CVEs with product set to N/A might be missed#34
@mekhall

Description

@mekhall
mekhall
opened on Mar 18, 2025

Proposed New Idea/Feature (required)

Many CVEs are reported as having the "product" field set to "N/A". At the same time many of these have a description text (descriptions/value) where a product is described in free text form.

I believe that the "product" field is commonly used with scanners that automatically tries to match CVEs to the contents of an SBOM or similar.

It would be beneficial if the product field could be populated with a valid product name. Perhaps a script can be made to identify CVEs which have a N/A product but still describes a product within a free text field. The next step would be to introduce the correct value in the product field.

Is it viable to force a valid product name when creating new CVEs even?

Additional Notes (Optional)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions