Look up severity value from NVD API (!13) · Merge requests · GitLab.org / Secure Stage / tools / Security triage automation · GitLab

Adam Cohen requested to merge lookup-severity-from-nvd-api into master Nov 02, 2022

What does this MR do?

Look up the severity value from the NVD API.

In order to reduce the number of requests made to the NVD API, we cache already-seen CVE data into a local sqlite3 database.
Add --update-existing-issues flag for changing the details/labels of already-processed issues.

What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab/-/issues/381133+

Related issues

https://gitlab.com/gitlab-org/gitlab/-/issues/379246+

Edited Nov 11, 2022 by Adam Cohen