Giters

CVEProject / cve-schema

This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published here. This repository is managed by the CVE Quality Working Group.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE Records that don't comply with 5.0.1

ElectricNroff opened this issue · comments

commented

In addition to what was mentioned at #217 (comment) there are some additional types of anomalies when testing against 5.0.1 at https://github.com/CVEProject/cve-schema/blob/521696b8ee6be21a86e8cac712b888bc0deb5e1f/schema/v5.0/docs/CVE_JSON_5.0_bundled.json

https://github.com/CVEProject/cvelistV5/blob/db8034f8ff7ebfc64b5888e45e143d4e7e02ee9d/cves/2022/20xxx/CVE-2022-20966.json#L170
CVE-2022-20966

"scenario": "GENERAL",

supposed to be written as:

"scenarios": [
          {
            "lang": "en",
            "value": "GENERAL"
          }

https://github.com/CVEProject/cvelistV5/blob/db8034f8ff7ebfc64b5888e45e143d4e7e02ee9d/cves/2023/0xxx/CVE-2023-0052.json#L21
CVE-2023-0052

"None": "Firmware version 3.3-006 and prior with BACnetstac version 4.2.1 and prior"

("None" is not a valid property under "versions")