Skip to content

Commit

Permalink
fix: parse CPE names correctly intel#4041 (intel#4063)
Browse files Browse the repository at this point in the history
Signed-off-by: fthdrmzzz <mail.fatih.durmaz@gmail.com>
Co-authored-by: Terri Oda <terri.oda@intel.com>
  • Loading branch information
fthdrmzzz and terriko authored Apr 25, 2024
1 parent ec67e43 commit daea8e4
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions cve_bin_tool/data_sources/nvd_source.py
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,8 @@ def parse_node(self, node: dict[str, list[dict[str, str]]]) -> list[dict[str, st
if "cpe_match" in node:
vulnerable_matches = (m for m in node["cpe_match"] if m["vulnerable"])
for cpe_match in vulnerable_matches:
cpe_split = cpe_match["cpe23Uri"].split(":")
# split on `:` only if it's not escaped
cpe_split = re.split(r"(?<!\\):", cpe_match["cpe23Uri"])
affects = {
"vendor": cpe_split[3],
"product": cpe_split[4],
Expand Down Expand Up @@ -290,7 +291,8 @@ def parse_node_api2(
if "cpeMatch" in node:
vulnerable_matches = (m for m in node["cpeMatch"] if m["vulnerable"])
for cpe_match in vulnerable_matches:
cpe_split = cpe_match["criteria"].split(":")
# split on `:` only if it's not escaped
cpe_split = re.split(r"(?<!\\):", cpe_match["criteria"])
affects = {
"vendor": cpe_split[3],
"product": cpe_split[4],
Expand Down

0 comments on commit daea8e4

Please sign in to comment.