Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

search_api_fulltext links might be confusing #82

Open
ElectricNroff opened this issue Jun 28, 2024 · 3 comments
Open

search_api_fulltext links might be confusing #82

ElectricNroff opened this issue Jun 28, 2024 · 3 comments
Assignees
@todb-cisa
Labels
blocked This issue or pull request is awaiting the outcome of another issue or pull request feature Something that's nice to have kev For issues relating to KEV status

Comments

@ElectricNroff
Copy link

ElectricNroff commented Jun 28, 2024
edited
Loading

vulnrichment/2023/38xxx/CVE-2023-38831.json

Line 113 in 6a33bf2

"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-38831"

Suppose that I wish to quickly check whether CVE-2023-38831 is used in ransomware campaigns. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-38831 leads to a page on which the information about CVE-2024-29988 is shown at the top. To interpret the information correctly, I need to:

In other words, if the www.cisa.gov website allowed you to link to something like https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-38831&show_this_one_first=CVE-2023-38831&link_entries_to_cve_rather_than_nvd=true then the data-integration experience might be better for many users.
@jwoytek-cisa
Copy link
Collaborator

@ElectricNroff Thanks for the suggestion! There is currently no way to link directly to an entry in the KEV (at least as of the last time I tried), so this is about as close as we can get right now. Perhaps @todb-cisa can help get us a direct link capability?

@jwoytek-cisa jwoytek-cisa added feature Something that's nice to have kev For issues relating to KEV status labels Jun 28, 2024
@todb-cisa todb-cisa self-assigned this Jul 2, 2024
@todb-cisa todb-cisa added the blocked This issue or pull request is awaiting the outcome of another issue or pull request label Aug 1, 2024
@todb-cisa
Copy link
Collaborator

I have, indeed, opened this feature request for direct linkability to the official KEV. Adding a blocked tag here in the meantime.

@todb-cisa
Copy link
Collaborator

Just touching this again -- I'll see again about getting a non-search-based, direct link thing going on https://cisa.gov/kev proper. That's really the only way to fix it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@todb-cisa todb-cisa

Labels
blocked This issue or pull request is awaiting the outcome of another issue or pull request feature Something that's nice to have kev For issues relating to KEV status
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ElectricNroff @todb-cisa @jwoytek-cisa