Feature request: make cve records with a single quote in their body easy to submit

Question

Feature request: make cve records with a single quote in their body easy to submit

MrSeccubus opened this issue 2 years ago · comments

Frank Breedijk commented 2 years ago

If you want to submit a CVE record that has signe quotes in them, it is hard to make the shell syntax work.

Solutions would be:

Allowing the json to be read form a file
Allowing the json to be read from stdin

Frank Breedijk · Answer 1 · Tue Nov 08 2022 22:56:21 GMT+0800 (China Standard Time)

You will get this is you make a record with vulnogram and select the following problem type:

"problemTypes": [
                {
                    "descriptions": [
                        {
                            "cweId": "CWE-1321",
                            "description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\"Prototype Pollution\")",
                            "lang": "en",
                            "type": "CWE"
                        }
                    ]
                }
            ],

Martin Prpič · Answer 2 · Tue Nov 08 2022 23:08:36 GMT+0800 (China Standard Time)

The publish command already has submission from a file as an option:

-f, --cve-json-file FILENAME  File containing JSON body of CVE record to publish.

It's only available on master but I can do a new release by the end of the week to also include some of the changes from the other issues you filed.

Frank Breedijk · Answer 3 · Tue Nov 08 2022 23:55:57 GMT+0800 (China Standard Time)

Thanks @mprpic, Much appreciated.