fix: NVD cpe parser doesn't escape \:
's in product and vendor name
#4041
Labels
bug
Something isn't working
\:
's in product and vendor name
#4041
Description
Hello, I think I have noticed a small bug
In nvd_source.py the product data is splitted by
:
.However, in some cases there is
:
in the name of the vendor or the product and NVD escapes these:
's by putting a backslash in front. Example here:This results in recording the product as
\
in the database. To see it, I have made a simple sql query to the mysql database stored in~/.cache/cve-bin-tool/cve.db
to check and see it:I don't know what are the effects of this bug on tool's behavior. Maybe it might miss some cve's on binaries that it was supposed to hit.
Please assign me for this.
The text was updated successfully, but these errors were encountered: