[BUG] CVE-Vulnerabilities widget no longer works as of November 2023

[airplane-flight]

Environment

Self-Hosted (Docker)

System

Ubuntu Server 22.04.3, Docker 24.0.5

Version

2.1.1

Describe the problem

The CVE-Vulnerabilies plugin stopped functioning on 16 November 2023 and now displays the message "We released new APIs and this endpoint is discontinued as of 16 November 2023. Updating your integrations is strongly recommended. Please visit www.cvedetails.com for more information"

Additional info

Please tick the boxes

• You have explained the issue clearly, and included all relevant info
• You are using a supported version of Dashy
• You've checked that this issue hasn't already been raised
• You've checked the docs and troubleshooting guide
• You agree to the code of conduct

[TheBrenny]

I wouldn't be surprised if this gets marked as a "Won't Fix". CVE Details has gone to a paid model, and for the low low price of $1500 per month (yes, one-thousand five-hundred per month), there's probably zero interest from anyone in the FOSS community to push this through.

Suggest moving to NIST's NVD as an alternate.

[CySecZH]

I wouldn't be surprised if this gets marked as a "Won't Fix". CVE Details has gone to a paid model, and for the low low price of $1500 per month (yes, one-thousand five-hundred per month), there's probably zero interest from anyone in the FOSS community to push this through.

Suggest moving to NIST's NVD as an alternate.

If I understand right, in the same article they state at the end of "What's included in the free trial?"

API access (up to 5 requests per minute)

-->So maybe widget could be rewritten for using credentials to get info and max rate of 5 / min
I'd prefer to use a widget without needing of an additional account too to be honest.