meaning of a CWE ID is sometimes omitted #3019

ElectricNroff · 2024-08-20T07:27:29Z

cve-website/src/components/AdpVulnerabilityEnrichment.vue

Lines 140 to 141 in 103e3c1

 <span class="has-text-weight-bold">{{ cwe.cweId }}<span v-if="cwe.description.length > 0">: </span></span> 

 <span v-if="cwe.description.length > 0">{{ cwe.description }}</span>

For example, https://cveawg.mitre.org/api/cve/CVE-2023-0594 has:

"problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",

and https://www.cve.org/CVERecord?id=CVE-2023-0594 renders this as:

CWE
Learn more
CWE-79: CWE-79

I feel that, if cweId is present, then fields such as problemTypes[0].descriptions[0].description should be ignored, and the text to the right of the colon should be obtained from the CWE project, e.g., https://cwe-api.mitre.org/api/v1/cwe/weakness/79 under weaknesses[0].Name in this situation.

The text was updated successfully, but these errors were encountered:

athu-tran added the cve-record-page label Aug 22, 2024

athu-tran closed this as completed by moving to Low Priority in CVE Website Backlog Aug 22, 2024

athu-tran reopened this Aug 27, 2024

jdaigneau5 added the needs-discussion Needs more discussion, either with TWG or internally label Oct 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

meaning of a CWE ID is sometimes omitted #3019

meaning of a CWE ID is sometimes omitted #3019

ElectricNroff commented Aug 20, 2024

meaning of a CWE ID is sometimes omitted #3019

meaning of a CWE ID is sometimes omitted #3019

Comments

ElectricNroff commented Aug 20, 2024