Understanding Vulnerabilities
How GeekWala sources and enriches vulnerability intelligence
Vulnerability Data Sources
Where our vulnerability intelligence comes from.
Primary Data Source: OSV Database
GeekWala uses the Open Source Vulnerabilities (OSV) database as its primary data source. OSV is a free, open, and distributed vulnerability database maintained by Google.
What is OSV?
OSV aggregates security advisories from multiple authoritative upstream sources into a single, machine-readable schema.
Coverage Statistics
- 50,000+ vulnerabilities tracked
- 8 ecosystems supported
- Daily updates from upstream
- Historical CVE data back to 1999
Why OSV?
- Vendor-neutral: No commercial bias or gating
- Machine-readable: Structured JSON schema for accurate parsing
- Comprehensive: Aggregates multiple authoritative sources
- Timely: Updates within hours of new vulnerability disclosures
Data Freshness
- OSV responses are cached for up to 1 hour to reduce upstream load
- Cache keys are per ecosystem/package/version; a new scan after expiry fetches fresh data
- Scan results reflect the OSV state at the moment the data was fetched from OSV, which can be up to an hour before the scan if a cached response was reused
Threat Intelligence
Beyond vulnerability identification, GeekWala integrates threat intelligence data to help you prioritize remediation.
EPSS (Exploit Prediction Scoring System)
EPSS is maintained by FIRST.org and estimates the probability that a vulnerability will be exploited in the wild within the next 30 days. The underlying score is a probability from 0 to 1, displayed here as 0% to 100%.
- >50%: High likelihood - prioritize immediately
- 10–50%: Moderate likelihood - address soon
- <10%: Lower likelihood - monitor
EPSS scores are updated daily and displayed as a percentage badge on each vulnerability.
CISA KEV (Known Exploited Vulnerabilities)
The CISA KEV catalog tracks vulnerabilities that are actively being exploited in the wild. Maintained by the U.S. Cybersecurity and Infrastructure Security Agency, this catalog represents confirmed, real-world attacks.
Vulnerabilities in the KEV catalog are marked with an animated badge and should be your top priority for remediation.
- KEV catalog is refreshed daily
- Includes remediation due dates when mandated by CISA
- Covers vulnerabilities across all ecosystems with CVE IDs
How We Use Threat Intelligence
- EPSS and KEV data are fetched automatically during vulnerability enrichment
- EPSS data is cached for 24 hours and KEV data for 48 hours to balance freshness and API efficiency
- If an external API is unavailable, we fall back to previously cached data
- Threat intelligence is only available for vulnerabilities with CVE identifiers; an OSV advisory with no CVE alias shows no EPSS score or KEV badge
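The caching and enrichment flow described under Data Freshness and How We Use Threat Intelligence, as an added example that is not GeekWala's own code: the OSV cache is keyed per ecosystem/package/version with a 1-hour TTL, EPSS entries live 24 hours and the KEV catalog 48 hours, a failed refresh falls back to the previously cached copy, only CVE-identified results are enriched, and findings are ordered KEV-first and then by EPSS band. Network calls are replaced by injected fetchers that return constructed payloads with synthetic identifiers (CVE-9999-…, GHSA-xxxx-…) shaped like the real OSV, EPSS and KEV responses; the `Finding` fields, the fake clock and the exact priority order are this example's assumptions.

```python
import time
from dataclasses import dataclass
from typing import Callable, Optional

OSV_TTL, EPSS_TTL, KEV_TTL = 3600, 24 * 3600, 48 * 3600  # cache lifetimes from the text


class UpstreamUnavailable(Exception):
    """Raised by a fetcher when the upstream API cannot be reached."""


class TTLCache:
    """String-keyed cache; expired entries are kept so they can be served when a refresh fails."""

    def __init__(self, clock: Callable[[], float] = time.time):
        self.clock, self._store = clock, {}

    def get_or_fetch(self, key: str, ttl: float, fetch: Callable[[], dict]):
        # Returns (value, status) with status in {"hit", "miss", "stale"}.
        now, entry = self.clock(), self._store.get(key)
        if entry is not None and now - entry[0] < ttl:
            return entry[1], "hit"
        try:
            value = fetch()
        except UpstreamUnavailable:
            if entry is None:
                raise  # nothing cached for this key: surface the outage to the caller
            return entry[1], "stale"  # documented fallback to previously cached data
        self._store[key] = (now, value)
        return value, "miss"


def osv_query_body(ecosystem: str, name: str, version: str) -> dict:
    """Body for POST https://api.osv.dev/v1/query; the cache key uses the same triple."""
    return {"package": {"ecosystem": ecosystem, "name": name}, "version": version}


@dataclass
class Finding:
    osv_id: str
    cve: Optional[str]
    epss: Optional[float] = None  # probability 0..1; None without a CVE or an EPSS row
    kev: bool = False
    kev_due: Optional[str] = None  # CISA remediation due date when present


def enrich(cache, ecosystem, name, version, fetch_osv, fetch_epss, fetch_kev):
    # One scan: OSV lookup, then EPSS and KEV enrichment for CVE-identified results.
    osv, osv_status = cache.get_or_fetch(f"osv:{ecosystem}:{name}:{version}", OSV_TTL,
                                         lambda: fetch_osv(osv_query_body(ecosystem, name, version)))
    kev, _ = cache.get_or_fetch("kev", KEV_TTL, fetch_kev)
    kev_by_cve = {v["cveID"]: v for v in kev.get("vulnerabilities", [])}
    findings = []
    for vuln in osv.get("vulns", []):
        # OSV lists CVE IDs under `aliases`; the primary `id` may be a GHSA or ecosystem ID.
        cve = next((a for a in vuln.get("aliases", []) if a.startswith("CVE-")), None)
        f = Finding(osv_id=vuln["id"], cve=cve)
        if cve is not None:  # threat intelligence needs a CVE identifier
            epss, _ = cache.get_or_fetch(f"epss:{cve}", EPSS_TTL, lambda: fetch_epss(cve))
            rows = {r["cve"]: float(r["epss"]) for r in epss.get("data", [])}
            f.epss = rows.get(cve)
            if cve in kev_by_cve:
                f.kev, f.kev_due = True, kev_by_cve[cve].get("dueDate")
        findings.append(f)
    return findings, osv_status


def epss_bucket(epss: Optional[float]) -> str:
    """The three EPSS bands shown in the UI: >50% high, 10-50% moderate, <10% lower."""
    if epss is None:
        return "unknown"
    return "high" if epss > 0.5 else "moderate" if epss >= 0.1 else "lower"


def priority_key(f: Finding):
    """Sort key: KEV entries first, then EPSS band, then raw EPSS descending (assumed order)."""
    rank = {"high": 0, "moderate": 1, "lower": 2, "unknown": 3}
    return (0 if f.kev else 1, rank[epss_bucket(f.epss)], -(f.epss or 0.0))


# Constructed payloads with synthetic IDs (not real advisories), shaped like the real
# responses from OSV /v1/query, FIRST EPSS /data/v1/epss and the CISA KEV JSON feed.
SAMPLE_OSV = {"vulns": [{"id": "GHSA-xxxx-xxxx-xxx1", "aliases": ["CVE-9999-0001"]},
                        {"id": "GHSA-xxxx-xxxx-xxx2", "aliases": ["CVE-9999-0002"]},
                        {"id": "GHSA-xxxx-xxxx-xxx3", "aliases": []}]}
SAMPLE_EPSS = {"CVE-9999-0001": {"data": [{"cve": "CVE-9999-0001", "epss": "0.03"}]},
               "CVE-9999-0002": {"data": [{"cve": "CVE-9999-0002", "epss": "0.62"}]}}
SAMPLE_KEV = {"vulnerabilities": [{"cveID": "CVE-9999-0001", "dueDate": "2030-01-01"}]}


def demo(osv_down_after_first: bool = False):
    """Three scans under a fake clock: the second inside the OSV TTL (cache hit), the
    third after expiry, optionally with OSV unreachable (stale fallback)."""
    clock, calls = {"t": 1_000_000.0}, {"osv": 0}
    cache = TTLCache(clock=lambda: clock["t"])

    def fetch_osv(body):
        calls["osv"] += 1
        if osv_down_after_first and calls["osv"] > 1:
            raise UpstreamUnavailable("api.osv.dev unreachable")
        return SAMPLE_OSV

    args = (cache, "PyPI", "example-pkg", "1.0.0", fetch_osv,
            lambda cve: SAMPLE_EPSS[cve], lambda: SAMPLE_KEV)
    statuses = []
    for step in range(3):
        findings, status = enrich(*args)
        statuses.append(status)
        clock["t"] += 1 if step == 0 else OSV_TTL  # 1 s later, then past the 1 h TTL
    ordered = sorted(findings, key=priority_key)
    return statuses, calls["osv"], [(f.osv_id, f.kev, epss_bucket(f.epss)) for f in ordered]
```

`demo()` returns the per-scan OSV cache status (miss, hit, miss), the number of real OSV calls (2) and the prioritised findings; `demo(osv_down_after_first=True)` shows the third scan served from the stale entry instead of failing. Keeping expired entries around is what makes the documented fallback possible, so the eviction policy must be size-based rather than TTL-based.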
Severity Classification
How we calculate and display vulnerability severity.
Severity Levels
GeekWala normalizes severity ratings into four levels:
- Critical (CVSS 9.0–10.0). Impact: remote code execution, privilege escalation, data exfiltration. Recommendation: patch within 24 hours
- High (CVSS 7.0–8.9). Impact: denial of service, authentication bypass, SQL injection
- Medium (CVSS 4.0–6.9). Impact: information disclosure, XSS, CSRF
- Low (CVSS 0.1–3.9). Impact: minor information leaks, edge-case issues
Severity Data Sources
- OSV carries severity as CVSS vector strings taken from the upstream advisory; the numeric score is computed from the vector
- When multiple ratings exist (CVSS v2, v3, vendor-specific), we use the highest score. Because v2 and v3 often rate the same issue differently, the level can come from a different rating than the vector shown in the details
- If no severity is provided by OSV, we classify as "Medium" by default; treat such findings as unscored rather than as genuinely moderate
CVSS Versions
- CVSS v3.1 is preferred when available
- CVSS v2 is used as a fallback for older CVEs that carry no v3 vector
- Vendor-specific ratings (GitHub, npm, etc.) are included in the details
Viewing Detailed Severity Information
Click any vulnerability badge to view:
- Full CVSS vector string
- Attack vector, complexity, privileges required
- Impact on confidentiality, integrity, availability
- Exploitability score