Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

information about vulnerabilities being exploited #32

Open
CVEaskedme2openIssues opened this issue Dec 18, 2024 · 0 comments
Open

information about vulnerabilities being exploited #32

CVEaskedme2openIssues opened this issue Dec 18, 2024 · 0 comments

Comments

@CVEaskedme2openIssues
Copy link

Proposed New Idea/Feature (required)

The general public would benefit from a bottom line up front notice that the vulnerability they are looking at is known to be exploited. The method that NIST uses in their NVD is including a section titled "This CVE is in CISA's Known Exploited Vulnerabilities Catalog" and including a shortened name for the vulnerability e.g. Vendor/Product Remote Code Execution Vulnerability, the date that it was added to the KEV Catalog, and the Remediation Action. Currently, cve.org doesn't display any of that information, while CISA-ADP fills in the gaps. CISA-ADP's own entry is not intuitive (even to someone who checks CVEs regularly) and could be improved by including the blog post announcing the addition of the CVE to the KEV Catalog, besides the json file. Example: https://www.cisa.gov/news-events/alerts/2024/12/17/cisa-adds-one-known-exploited-vulnerability-catalog

Additional Notes (Optional)

N/A
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@CVEaskedme2openIssues