@@ -31,7 +31,7 @@
CVE_PRODUCT ??= "${BPN}"
CVE_VERSION ??= "${PV}"
-CVE_CHECK_DB_FILENAME ?= "nvdcve_2-2.db"
+CVE_CHECK_DB_FILENAME ?= "nvdcve_2-3.db"
CVE_CHECK_DB_DIR ?= "${STAGING_DIR}/CVE_CHECK"
CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/${CVE_CHECK_DB_FILENAME}"
CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock"
@@ -355,21 +355,21 @@ def update_db(conn, elt):
cvssv2 = 0.0
cvssv3 = None
try:
- accessVector = accessVector or elt['cve']['metrics']['cvssMetricV30'][0]['cvssData']['attackVector']
- vectorString = vectorString or elt['cve']['metrics']['cvssMetricV30'][0]['cvssData']['vectorString']
+ accessVector = elt['cve']['metrics']['cvssMetricV30'][0]['cvssData']['attackVector']
+ vectorString = elt['cve']['metrics']['cvssMetricV30'][0]['cvssData']['vectorString']
cvssv3 = elt['cve']['metrics']['cvssMetricV30'][0]['cvssData']['baseScore']
except KeyError:
pass
try:
- accessVector = accessVector or elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['attackVector']
- vectorString = vectorString or elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['vectorString']
+ accessVector = elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['attackVector']
+ vectorString = elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['vectorString']
cvssv3 = cvssv3 or elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['baseScore']
except KeyError:
pass
cvssv3 = cvssv3 or 0.0
try:
- accessVector = accessVector or elt['cve']['metrics']['cvssMetricV40'][0]['cvssData']['attackVector']
- vectorString = vectorString or elt['cve']['metrics']['cvssMetricV40'][0]['cvssData']['vectorString']
+ accessVector = elt['cve']['metrics']['cvssMetricV40'][0]['cvssData']['attackVector']
+ vectorString = elt['cve']['metrics']['cvssMetricV40'][0]['cvssData']['vectorString']
cvssv4 = elt['cve']['metrics']['cvssMetricV40'][0]['cvssData']['baseScore']
except KeyError:
cvssv4 = 0.0
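Review bot: The v3 score can now disagree with the stored vector: in the `cvssMetricV31` block the vector fields are overwritten unconditionally, but the score line is still `cvssv3 = cvssv3 or elt[...]['baseScore']`, so a CVE carrying both v3.0 and v3.1 metrics keeps the v3.0 score next to a v3.1 vector string. Consumers that triage on score plus vector would then read values from two different assessments. Making that line a plain assignment, `cvssv3 = elt['cve']['metrics']['cvssMetricV31'][0]['cvssData']['baseScore']`, keeps the pair consistent, since a missing v3.1 entry still raises KeyError and leaves the v3.0 score in place. Each block also catches only KeyError, so if the feed ever delivers an empty metric list the `[0]` index would presumably raise IndexError; `except (KeyError, IndexError):` would cover that. update_db starts and continues outside this hunk, so the CVSS v2 handling and the insert statement were not checked.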
The database used by cve-check currently stores the access vector and vector string from the oldest CVSS version available for each CVE. This should be reversed so that the newest available CVSS version is stored instead. Signed-off-by: Colin McAllister <colinmca242@gmail.com> --- meta/classes/cve-check.bbclass | 2 +- meta/recipes-core/meta/cve-update-nvd2-native.bb | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-)