Enhancement of VulnerableCode

Software development is undergoing a gradual increase in pace. The direct result of this is more software vulnerabilities. Countless vulnerabilities are reported and published on different mediums. This data needs to be collected in one place. VulnerableCode aims to fulfil this need.

This project enables VulnerableCode to precisely map vulnerabilities from National Vulnerability Database to the vulnerable packages, down to obtaining their package URLs. To do so the current data models are tweaked to capture more details. Data from more ecosystem-specific advisories is collected to minimize reliance on the National Vulnerability Database as well as to get more details. Finally, to allow the community to view and curate the data in a human-friendly way, a basic frontend for VulnerableCode is implemented.