Comment

Comment on CVE fallout: The splintering of the standard vulnerability tracking system has begun

0xD@infosec.pub ⁨1⁩ ⁨week⁩ ago

OMG I’ve been motherfucking looking for this piece of shit EUVD for the past weeks and only found references and info pages, but never the actual fucking database!! Finally I know it exists.

Why is it hidden? Why does it have that braindead URL? And why, for the love of god, does it have a separate numbering scheme?!

source

Sort:hotnew top

JohnEdwa@sopuli.xyz ⁨1⁩ ⁨week⁩ ago

And why, for the love of god, does it have a separate numbering scheme?!

Because they want the ability to reference other vulnerability sources - like JVN - and not just CVE.

The EUVD service builds upon the CVE system and vulnerabilities in the scope of the CVE numbering service receive a CVE. In addition, the EUVD data aggregates and enriches the vulnerability information and lists an EUVD ID on top of the CVE when new vulnerability entries are created. To allow further cross referencing, the CVE identifier and additional vulnerability identifiers are listed when available. -https://euvd.enisa.europa.eu/faq

And because, you know, standards.

source
SinningStromgald@lemmy.world ⁨1⁩ ⁨week⁩ ago
I can only assume the stories about CVE have pushed it to the top but I just search “European vulnerability database” and first link went to the database.

source