Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: all previous curl CVEs as JSON ?
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 4 May 2023 17:18:51 +0200 (CEST)
On Tue, 2 May 2023, Daniel Stenberg via curl-library wrote:
Here's a little CVE as JSON update:
We now provide:
- All CVEs as a big JSON array with objects.
URL: https://curl.se/docs/vuln.json
- Every CVE as a single JSON. Just change .html to .json on the CVE URL:
Example URL: https://curl.se/docs/CVE-2022-35252.json
- Every release as a JSON array with the objects for the CVEs that particular
release is vulnerable to.
Example URL: https://curl.se/docs/vuln-7.88.1.json
The JSON objects now comply and verify fine against the Open Source
Vulnerability format JSON schema: https://ossf.github.io/osv-schema/
I have done the boring job of updating the most recent 85 something CVEs and
made sure that they specify exactly which git commit that introduced and that
fixed the vulnerabilities in a standard format - so now all JSON objects for
curl CVEs since 2017 also provide git range info for the introduced/fixed
commits.
Enjoy!
Date: Thu, 4 May 2023 17:18:51 +0200 (CEST)
On Tue, 2 May 2023, Daniel Stenberg via curl-library wrote:
Here's a little CVE as JSON update:
We now provide:
- All CVEs as a big JSON array with objects.
URL: https://curl.se/docs/vuln.json
- Every CVE as a single JSON. Just change .html to .json on the CVE URL:
Example URL: https://curl.se/docs/CVE-2022-35252.json
- Every release as a JSON array with the objects for the CVEs that particular
release is vulnerable to.
Example URL: https://curl.se/docs/vuln-7.88.1.json
The JSON objects now comply and verify fine against the Open Source
Vulnerability format JSON schema: https://ossf.github.io/osv-schema/
I have done the boring job of updating the most recent 85 something CVEs and
made sure that they specify exactly which git commit that introduced and that
fixed the vulnerabilities in a standard format - so now all JSON objects for
curl CVEs since 2017 also provide git range info for the introduced/fixed
commits.
Enjoy!
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-05-04