[OSVDB-discuss] How to report db data errors?
David Shettler
dave at opensecurityfoundation.org
Tue Jun 2 17:39:50 CDT 2009
osvdb_id isn't the primary key. On some vulnerabilities, the id field
is the same as the osvdb_id, but don't count it. OSVDB_ID the public
identifier, and is only assigned when a vulnerability is approved to
be created. Many vulnerabilities come in that are not approved, or
are merged into one, or a broken into many, hence why it isn't used as
a primary key anymore (it was a few years ago).
Instead, vulnerability_id refers to the id field of the vulnerabilities table.
OSVDB ID: 42670 has an id of 1026869
> # ext_references points to non-existent osvdb id
> mysql> select * from vulnerabilities where osvdb_id=1026869;
> Empty set (0.09 sec)
instead, try:
select * from vulnerabilities where id = 1026869;
Dave
More information about the Osvdb-discuss
mailing list