Forums : Technical Issue Help

"Project Vulnerability Report" (PVR) score: Some initial feedback

Dear Black Duck Team,

As a follow-up to: http://blog.openhub.net/2016/10/project-security/

Congrats on the initiative! This is quite a challenge and will be great to improve security in the Free / Libre / Open Source ecosystem. It's a fantastic complement to the existing data.

How do we report incomplete or incorrect data? Perhaps this could be added to the excellent description at: http://blog.openhub.net/about-pvr/

Please see an example of incorrect source data: https://tiki.org/Open+Hub+Project+Vulnerability+Report

Best regards,

M ;-)
Marc Laporte
http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=https%3a%2f%2fopenhub.net%2fanon80
Marc Laporte over 1 year ago
 

Hi Marc;

Thank you so very much! This is very helpful. I'll open a ticket so we can look into this and double check the data we are receiving, how we are processing it, and how we are reporting / displaying it.

6b47e63015bb8b44d0a2d76a995dc783?&s=42&rating=pg&d=https%3a%2f%2fopenhub.net%2fanon80
Peter Degen-Por... over 1 year ago
 

Hi Marc,

Thank you for your post. Yes, it has been fixed and its LIVE now.

https://www.openhub.net/p/tikiwiki/security

Happy to help!

6de3daa3f91b7169c85df7702b4fb1d4?&s=42&rating=pg&d=https%3a%2f%2fopenhub.net%2fanon80
rapbhan over 1 year ago
 

Thanks Rapbhan and Peter. That indeed added a whole bunch of missing data points.

I added some more feedback here:
https://tiki.org/Open+Hub+Project+Vulnerability+Report#Feedback_Round_2

Best regards,

Marc Laporte
http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=https%3a%2f%2fopenhub.net%2fanon80
Marc Laporte over 1 year ago
 

Hi guys!

I hope you are well.

The data is still incorrect which leads to the assertion of "Many reported vulnerabilities" here:
https://www.openhub.net/p/tikiwiki

Please see release dates here: https://tiki.org/All+Releases

I added some more feedback here: https://tiki.org/Open+Hub+Project+Vulnerability+Report#FeedbackRound2

Best regards,

Marc Laporte - http://wikisuite.org/

714c3de7ebb83a610302d863eb924962?&s=42&rating=pg&d=https%3a%2f%2fopenhub.net%2fanon80
Marc Laporte about 1 year ago
 

Thanks for the feedback, Marc. I'll be bringing up with our Knowledge Base team from whom we obtain the raw data that we process into these reports.

6b47e63015bb8b44d0a2d76a995dc783?&s=42&rating=pg&d=https%3a%2f%2fopenhub.net%2fanon80
Peter Degen-Por... about 1 year ago
 

Hi Marc;

We really dug into this and put the results in a blog post Researching Project Security Data.

6b47e63015bb8b44d0a2d76a995dc783?&s=42&rating=pg&d=https%3a%2f%2fopenhub.net%2fanon80
Peter Degen-Por... about 1 year ago
 

Post a Response