diff --git a/support/scripts/cve.py b/support/scripts/cve.py index f12a8048cd..747ad881c9 100755 --- a/support/scripts/cve.py +++ b/support/scripts/cve.py @@ -128,7 +128,7 @@ class CVE: filename = CVE.download_nvd_year(nvd_dir, year) try: uncompressed = subprocess.check_output(["xz", "-d", "-c", filename]) - content = ijson.items(uncompressed, 'CVE_Items.item') + content = ijson.items(uncompressed, 'cve_items.item') except: # noqa: E722 print("ERROR: cannot read %s. Please remove the file then rerun this script" % filename) raise @@ -155,11 +155,11 @@ class CVE: for parsed_node in self.parse_node(child): yield parsed_node - for cpe in node.get('cpe_match', ()): + for cpe in node.get('cpeMatch', ()): if not cpe['vulnerable']: return - product = cpe_product(cpe['cpe23Uri']) - version = cpe_version(cpe['cpe23Uri']) + product = cpe_product(cpe['criteria']) + version = cpe_version(cpe['criteria']) # ignore when product is '-', which means N/A if product == '-': return @@ -191,7 +191,7 @@ class CVE: v_end = cpe['versionEndExcluding'] yield { - 'id': cpe['cpe23Uri'], + 'id': cpe['criteria'], 'v_start': v_start, 'op_start': op_start, 'v_end': v_end, @@ -199,14 +199,15 @@ class CVE: } def each_cpe(self): - for node in self.nvd_cve['configurations']['nodes']: - for cpe in self.parse_node(node): - yield cpe + for nodes in self.nvd_cve.get('configurations', []): + for node in nodes['nodes']: + for cpe in self.parse_node(node): + yield cpe @property def identifier(self): """The CVE unique identifier""" - return self.nvd_cve['cve']['CVE_data_meta']['ID'] + return self.nvd_cve['id'] @property def affected_products(self):