new topic become cve - MIGRATED ISSUE

[pbarry-r7]

what will happen when a topic manually added will become a CVE?
for example, i feel that https://attackerkb.com/topics/liferay-ce-6-0-2-java-deserialization will be edited as soon as someone have time to explore the source code, and it will become CVE-2019-16891.

p.s.: that CVE is not present on attackerkb.

[pbarry-r7]

"So the way our data ingestion works currently wouldn't automatically link the two topics. The workers basically just look to determine if a CVE already exists in AKB, by using the Reference section of a topic. If it doesn't exist, it creates a new one. If we find a match, the existing topic will be updated with the new info.

There is a caveat, though. If an existing topic is found, but it was last edited by a "human" and not a "worker", then it will skip updating. This was done because coalescing data is difficult and we haven't had the time to solve that problem. As a simple way of handling this we prioritize the user-entered data and block the worker from making updates. It's not a great system, but it works for many cases and was easy to implement given limited development resources.

We plan on focusing on data ingestion and improve once AttackerKB goes public. This is definitely a case we'll be taking a look at post-open beta."

[khyveasna11111908]

Plc