The CVE ID
https://osv.dev/vulnerability/CVE-2018-12605
Describe the data quality issue observed
The references array contains an entry {"type":"WEB"} that is missing the required url field, violating the OSV schema.
[
{"type":"WEB"},
{"type":"ADVISORY","url":"https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/"},
{"type":"FIX","url":"https://gitlab.com/gitlab-org/gitlab-ce/issues/45168"}
]Consumers that treat url as non-nullable (per the schema) fail to parse this record.
Suggested changes to record
Remove the {"type":"WEB"} entry that has no url, or add the missing URL.
This fix appears to already be applied on the staging environment:
https://test.osv.dev/vulnerability/CVE-2018-12605
Additional context
The staging/test environment (test.osv.dev) already has this corrected.
It would be appreciated if the same correction could be applied to production as well.
The CVE ID
https://osv.dev/vulnerability/CVE-2018-12605
Describe the data quality issue observed
The
referencesarray contains an entry{"type":"WEB"}that is missing the requiredurlfield, violating the OSV schema.[ {"type":"WEB"}, {"type":"ADVISORY","url":"https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/"}, {"type":"FIX","url":"https://gitlab.com/gitlab-org/gitlab-ce/issues/45168"} ]Consumers that treat
urlas non-nullable (per the schema) fail to parse this record.Suggested changes to record
Remove the
{"type":"WEB"}entry that has nourl, or add the missing URL.This fix appears to already be applied on the staging environment:
https://test.osv.dev/vulnerability/CVE-2018-12605
Additional context
The staging/test environment (
test.osv.dev) already has this corrected.It would be appreciated if the same correction could be applied to production as well.