Open
Description
Looking at a Package details in the API, https://public.vulnerablecode.io/api/packages/?purl=pkg:pypi/[email protected]
It seems that we could do a better job at providing a reference_id in some cases:
{
"reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json",
"reference_id": "",
"scores": [
{
"value": "7.5",
"scoring_system": "cvssv3",
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json"
},
{
"reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680",
"reference_id": "",
"scores": [],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"
},
{
"reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml",
"reference_id": "",
"scores": [
{
"value": "5.9",
"scoring_system": "cvssv3.1",
"scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"value": "MODERATE",
"scoring_system": "generic_textual",
"scoring_elements": ""
}
],
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml"
},
....