You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some ecosystems like Debian use related field to specify that a DSA covers multiple CVEs. This is placed in related instead of aliases because this relation is not necessarily reflexive (i.e. a DSA covers N CVEs, but each CVE don't fully cover a DSA), but normal aliases are reflexive.
For the purposes of grouping, we should group DSA related and the CVEs it covers to avoid showing overlapping vulnerability results.
The text was updated successfully, but these errors were encountered:
oliverchang
added
backlog
Important but currently unprioritized
and removed
stale
The issue or PR is stale and pending automated closure
labels
Nov 18, 2024
Some ecosystems like Debian use related field to specify that a DSA covers multiple CVEs. This is placed in related instead of aliases because this relation is not necessarily reflexive (i.e. a DSA covers N CVEs, but each CVE don't fully cover a DSA), but normal aliases are reflexive.
For the purposes of grouping, we should group DSA related and the CVEs it covers to avoid showing overlapping vulnerability results.
The text was updated successfully, but these errors were encountered: