We are seeing cases where the OVAL data is changing, then reverting, then reverting again. E.g. for CVE-2022-23437, the description has gone from populated ("DOCUMENTATION: The MITRE CVE dictionary describes this issue as: There's ...") to unpopulated, then back and forth. This has happened just over the past couple of hours (late morning/early afternoon EST on 2022-03-18). 

Similarly, we are seeing cases where some CVEs are added and then removed, back and forth. For example, CVE-2021-45868 was in the RHEL 8 unpatched file I pulled at 2:42 EST on 2022-03-18, but not in the one I pulled at 3:09 (the 3:09 file is attached). We've been seeing similar things to this for the past few days.

We are pulling all our data from the OVAL feed (https://www.redhat.com/security/data/oval/v2/), and specifically for base RHEL unpatched (e.g. https://www.redhat.com/security/data/oval/v2/RHEL8/rhel-8-including-unpatched.oval.xml.bz2). Preview attachment www.redhat.com-security-data-oval-v2-RHEL8-rhel-8-including-unpatched.oval.xml.bz2
 
 


www.redhat.com-security-data-oval-v2-RHEL8-rhel-8-including-unpatched.oval.xml.bz2
1.4 MB