Open ElectricNroff opened 1 year ago
Also in:
https://github.com/CVEProject/cve-website/blob/ce5432aaf4ca70cb1d82e69091d7996f6c985733/src/views/CVERecord/PublishedRecord.vue#L556
productVersion !== '*'
seems unintended because https://github.com/CVEProject/cve-schema/blob/6b11a1b3a7c3a9e504c5cba1b39129d279a7f147/schema/v5.0/docs/versions.md does not define the meaning of a *
value for the version
property.
productVersion !== '0'
may have been intended instead of productVersion !== '*'
https://github.com/CVEProject/cve-schema/blob/master/schema/v5.0/docs/versions.md says
The first special case of an unbounded situation is handled here: https://github.com/CVEProject/cve-website/blob/6d957a8a761c633745430e9ba73e33532987f212/src/views/CVERecord/PublishedRecord.vue#L654-L656
The second special case of an unbounded situation is handled here: https://github.com/CVEProject/cve-website/blob/6d957a8a761c633745430e9ba73e33532987f212/src/views/CVERecord/PublishedRecord.vue#L522-L525
However,
productVersion !== 0
is always true, because the input data must have a string (not an integer) such as"version": "0"
shown above. Example: https://www.cve.org/CVERecord?id=CVE-2023-1580Reference: https://github.com/CVEProject/cve-schema/blob/20a9e977d9020c12d7dce07eb7ef8de30bd61f64/schema/v5.0/CVE_JSON_5.0_schema.json#L82-L86
Should the code be changed to:
?