You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"description": "The single version being described, or the version at the start of the range. By convention, typically 0 denotes the earliest possible version.",
"$ref": "#/definitions/version"
About 100 to 200 CVE Records are affected, beyond those affected by the #323 issue. It's possible that not all strings defined by:
Some data providers use
*
wildcarding within this field:cve-schema/schema/CVE_Record_Format.json
Lines 298 to 300 in 6af5c9c
About 100 to 200 CVE Records are affected, beyond those affected by the #323 issue. It's possible that not all strings defined by:
cve-schema/schema/CVE_Record_Format.json
Lines 81 to 86 in 6af5c9c
should be accepted, and that there should instead be a pattern that excludes
*
in some contexts.This apparently occurs most often for the PHP CNA, e.g.,
but can occur for others:
(typo of
2.4.0rc*
)There are some instances that were carried over from JSON 4 data, e.g.,
(Also, there are many instances where
"version"
includes*
only because of the...[truncated*]
that was added by the JSON 4 to 5 upconversion, e.g., https://github.com/CVEProject/cvelistV5/blob/63f427c6747499216ccd89d92d1cd7306ab65994/cves/2020/11xxx/CVE-2020-11309.json#L11 and more than 200 others from Qualcomm.)Finally, it may be legitimate to have a
*
in"version"
if versionType cpe comes into active use, e.g.,The text was updated successfully, but these errors were encountered: