CVE fmt: uses YYYY-NNNN format which is wrong: should use CVE-YYYY-NNNN format
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Triaged
|
Low
|
Unassigned |
Bug Description
When linking or displaying CVEs, Malone needs to make sure the name is correctly shown/parsed as CVE-YYYY-NNNN, so that search engines will be able to make sense of the links. The correct naming convention for CVEs is that they must start with "CVE". Currently, all the links show just YYYY-NNNN.
Other places that would be useful to use the convetion:
- "Link to CVE" page needs to take full CVE name, including "CVE-" prefix
- "CVE Reference" box for bugs that have linked CVEs
- CVE page needs missing dash between "CVE" and index number (e.g. lhttps:
- CVE url paths should be valid with cve prefix too (e.g. https:/
searches need to support CVE-YYYY-NNNN too.
tags: | removed: fix-it-friday |
tags: | added: platform-want |
Changed in launchpad: | |
status: | Confirmed → Triaged |
importance: | Undecided → Low |
tags: | added: confusing-ui |
summary: |
- All places mentioning CVE indexes should use CVE-YYYY-NNNN format + CVE fmt: uses YYYY-NNNN format which is wrong: should use CVE-YYYY-NNNN + format |
description: | updated |
Hi Kees,
I guess you mean the CVE reference box in a bug page, right? Is there any other place that needs updating?
Thanks for the report.