Description
While conducting a deeper analysis of your repository to compare it with the NVD (National Vulnerability Database) in terms of usability and available information, with the goal of making life easier for security researchers, I discovered 2,249 artifacts that lacked CVE names. Upon focusing on these, I found that 99 of them were indeed listed in the NVD, which made it odd that the CVE identifiers were not explicitly present in the JSON files. I then examined the references and noticed that these artifacts contained links to the NVD, where their respective CVEs were listed.
I wanted to bring this potential discrepancy to your attention, as these artifacts do have associated CVEs, which are documented in the attached file along with their corresponding NVD links. This might indicate a possible issue in the database that could benefit from further review.
Here are the names of the files along with the names of the CVE's mentioned in them and their links to the nvd which is where I got the CVE's from:
https://github.com/leoambrus/artefactswithoutCVEonGitHubAdvisoryDatabase/blob/main/README.md