Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

CVE fallout: The splintering of the standard vulnerability tracking system has begun

⁨340⁩ ⁨likes⁩

Submitted ⁨⁨3⁩ ⁨weeks⁩ ago⁩ by ⁨Tea@programming.dev⁩ to ⁨technology@lemmy.world⁩

https://go.theregister.com/feed/www.theregister.com/2025/04/18/splintering_cve_bug_tracking/

source

Comments

Sort:hotnewtop
  • Eyekaytee@aussie.zone ⁨3⁩ ⁨weeks⁩ ago

    everything the US gov helps funds now has a question mark over whether it’ll still be here in 4 years…

    source
    • hddsx@lemmy.ca ⁨3⁩ ⁨weeks⁩ ago

      Four years? Boy, you are optimistic

      source
      • Eyekaytee@aussie.zone ⁨3⁩ ⁨weeks⁩ ago

        tbf to the US they fund an absolute ton of things, eg. I didn’t realise they helped fund lets encrypt and now the CVE database either, I assume it’ll be a drip feed of things being cancelled slowly over time as they find them all

        Image

        source
        • -> View More Comments
      • catloaf@lemm.ee ⁨3⁩ ⁨weeks⁩ ago

        It won’t be here next year, but it won’t be here in four years too.

        source
        • -> View More Comments
      • Almacca@aussie.zone ⁨3⁩ ⁨weeks⁩ ago

        This shit seems to change by the minute.

        source
    • w3dd1e@lemm.ee ⁨3⁩ ⁨weeks⁩ ago

      I’m don’t trust any .gov sites anymore. If I’m researching and I see that it’s a government site, I move on. I can’t trust that info.

      The whole thing is scary

      source
      • IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago

        You can kinda trust them if you use an archived version of it from before.

        source
  • 0xD@infosec.pub ⁨3⁩ ⁨weeks⁩ ago

    OMG I’ve been motherfucking looking for this piece of shit EUVD for the past weeks and only found references and info pages, but never the actual fucking database!! Finally I know it exists.

    Why is it hidden? Why does it have that braindead URL? And why, for the love of god, does it have a separate numbering scheme?!

    source
    • JohnEdwa@sopuli.xyz ⁨3⁩ ⁨weeks⁩ ago

      And why, for the love of god, does it have a separate numbering scheme?!

      Because they want the ability to reference other vulnerability sources - like JVN - and not just CVE.

      The EUVD service builds upon the CVE system and vulnerabilities in the scope of the CVE numbering service receive a CVE. In addition, the EUVD data aggregates and enriches the vulnerability information and lists an EUVD ID on top of the CVE when new vulnerability entries are created. To allow further cross referencing, the CVE identifier and additional vulnerability identifiers are listed when available. -https://euvd.enisa.europa.eu/faq

      And because, you know, standards.

      source
    • SinningStromgald@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

      I can only assume the stories about CVE have pushed it to the top but I just search “European vulnerability database” and first link went to the database.

      source
  • zero_spelled_with_an_ecks@programming.dev ⁨3⁩ ⁨weeks⁩ ago

    Could it be a good candidate for federation? There’s already a few naming standards that would allow a bit of a common ground. And maybe eliminate a few of the big points of failure.

    source
    • fmstrat@lemmy.nowsci.com ⁨3⁩ ⁨weeks⁩ ago

      Distributed hosting isn’t really a problem here, its distributed funding for the staff.

      source
  • masterspace@lemmy.ca ⁨3⁩ ⁨weeks⁩ ago

    Lmao come on. Some people in the EU speak English and knew that naming your standard “European Union Venereal Disease” was a bad idea.

    source
    • BlueBockser@programming.dev ⁨3⁩ ⁨weeks⁩ ago

      But “Congenital Venereal Edema” is better?

      source
      • masterspace@lemmy.ca ⁨3⁩ ⁨weeks⁩ ago

        VD: www.urbandictionary.com/define.php?term=VD

        VE: www.urbandictionary.com/define.php?term=VE

        source
        • -> View More Comments
  • thann@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago

    Im sure DOGE will replace it with a more efficient way for the government to track all of the bugs its computers might be vulnerable to…

    source
    • bitjunkie@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

      …and then send them directly to Putin’s cyberwarfare unit.

      source