CVEProject / cve-services

This repo contains the source for the CVE Services API.
Creative Commons Zero v1.0 Universal
155 stars 72 forks source link

Resolves #1204 Update Cve-Service's version of the CVE schema to address CVSS score errors #1211

Closed jdaigneau5 closed 8 months ago

jdaigneau5 commented 8 months ago

Closes Issue #1204

Summary

In the 5.1 schema, some valid CVSS score and severity pairs would fail validation due to the use of the multipleOf JSON schema keyword's rounding. To address this, we updated Cve-Services's copy of the CVE schema to have enums of acceptable values for CVSS scores, avoiding rounding issues.

Important Changes

CVE_JSON_5.1_bundled.json, 5.1_published_cna_container.json