On 20 Mar 2024, at 16:09, Emil Kronborg via lists.openembedded.org <emil.kronborg=protonmail....@lists.openembedded.org> wrote: > > For some reason, the CVE product is just called py and not pytest in the > NIST NVD database. Since the database only accept keywords with at least > 3 characters, the CVE vendor must also be specified.
I can only find two CVEs with the CPE pytest:py and either of them are actually related to the pytest package: https://nvd.nist.gov/vuln/detail/CVE-2020-29651 https://nvd.nist.gov/vuln/detail/CVE-2022-42969 These issues relate to https://github.com/pytest-dev/py which is not pytest. Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#197419): https://lists.openembedded.org/g/openembedded-core/message/197419 Mute This Topic: https://lists.openembedded.org/mt/105047705/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-