CVE package search is exact match only #12477
Assignees
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When searching with a package name, it requires users to type the exact and complete package name.
For example, if a user would like to search MySQL or PostgreSQL CVEs, they must know those database versions beforehand. For example:
"mysql-8.0" returns an expected result for Ubuntu 22.04 LTS.
https://ubuntu.com/security/cves?q=&package=mysql-8.0
However, "mysql" doesn't contains expected result for Ubuntu 22.04 LTS.
https://ubuntu.com/security/cves?q=&package=mysql
The same condition applies to PostgreSQL.
"postgresql-14" works.
https://ubuntu.com/security/cves?q=&package=postgresql-14
However, "postgresql" doesn't contains expected result:
https://ubuntu.com/security/cves?q=&package=postgresql
It would be good if the field allows a partial match or at least offers a checkbox to explicitly enable partial match search.
[with keyword "postgresql-14"]
[with keyword "postgresql"]
*Reported from: https://ubuntu.com/security/cves?q=
The text was updated successfully, but these errors were encountered: