The current logic will not provide an expected result if the list it is checking has a single element. This results in numerous CVE entries failing validation when they should be imported. As an example the 2023 feed only has a single CVE imported out of 3,229 total CVE records with the current logic.
๐ฃ Description
This pull request corrects an issue with the logic to validate CVSS data in the
cyhy-nvdsync
script.๐ญ Motivation and context
The current logic will not provide an expected result if the list it is checking has a single element. This results in numerous CVE entries failing validation when they should be imported. As an example the 2023 feed only has a single CVE imported out of 3,229 total CVE records with the current logic.
๐งช Testing
I wrote a test script to validate functionality.
Current logic:
This logic in this branch:
โ Pre-approval checklist