Submitted 3 weeks ago by Tea@programming.dev to technology@lemmy.world
https://go.theregister.com/feed/www.theregister.com/2025/04/18/splintering_cve_bug_tracking/
OMG I’ve been motherfucking looking for this piece of shit EUVD for the past weeks and only found references and info pages, but never the actual fucking database!! Finally I know it exists.
Why is it hidden? Why does it have that braindead URL? And why, for the love of god, does it have a separate numbering scheme?!
And why, for the love of god, does it have a separate numbering scheme?!
Because they want the ability to reference other vulnerability sources - like JVN - and not just CVE.
The EUVD service builds upon the CVE system and vulnerabilities in the scope of the CVE numbering service receive a CVE. In addition, the EUVD data aggregates and enriches the vulnerability information and lists an EUVD ID on top of the CVE when new vulnerability entries are created. To allow further cross referencing, the CVE identifier and additional vulnerability identifiers are listed when available. -https://euvd.enisa.europa.eu/faq
And because, you know, standards.
I can only assume the stories about CVE have pushed it to the top but I just search “European vulnerability database” and first link went to the database.
Could it be a good candidate for federation? There’s already a few naming standards that would allow a bit of a common ground. And maybe eliminate a few of the big points of failure.
Distributed hosting isn’t really a problem here, its distributed funding for the staff.
Lmao come on. Some people in the EU speak English and knew that naming your standard “European Union Venereal Disease” was a bad idea.
Im sure DOGE will replace it with a more efficient way for the government to track all of the bugs its computers might be vulnerable to…
…and then send them directly to Putin’s cyberwarfare unit.
Eyekaytee@aussie.zone 3 weeks ago
everything the US gov helps funds now has a question mark over whether it’ll still be here in 4 years…
hddsx@lemmy.ca 3 weeks ago
Four years? Boy, you are optimistic
Eyekaytee@aussie.zone 3 weeks ago
tbf to the US they fund an absolute ton of things, eg. I didn’t realise they helped fund lets encrypt and now the CVE database either, I assume it’ll be a drip feed of things being cancelled slowly over time as they find them all
Image
catloaf@lemm.ee 3 weeks ago
It won’t be here next year, but it won’t be here in four years too.
Almacca@aussie.zone 3 weeks ago
This shit seems to change by the minute.
w3dd1e@lemm.ee 3 weeks ago
I’m don’t trust any .gov sites anymore. If I’m researching and I see that it’s a government site, I move on. I can’t trust that info.
The whole thing is scary
IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com 3 weeks ago
You can kinda trust them if you use an archived version of it from before.