From 8b5c222b081f0c6e34cbe8e24e37fceaee86789d Mon Sep 17 00:00:00 2001 From: Jonathan Schnitzler Date: Sun, 24 Aug 2025 16:57:44 +0200 Subject: [PATCH] cve-update-db-native: Fix FKIE CVE accessVector parsing Use "attackVector" for CVSS >= 3 as it only CVSS v2 uses "accessVector". (From OE-Core rev: 7e4d566445a8cbe1e540e20837d45692d81af77f) Signed-off-by: Jonathan Schnitzler Signed-off-by: Peter Marko Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie --- meta/recipes-core/meta/cve-update-db-native.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 43cafb52b1..87e5a3edaa 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb @@ -352,7 +352,7 @@ def update_db_fkie(conn, jsondata): try: for m in elt['metrics']['cvssMetricV30']: if m['type'] == 'Primary': - accessVector = m['cvssData']['accessVector'] + accessVector = m['cvssData']['attackVector'] vectorString = m['cvssData']['vectorString'] cvssv3 = m['cvssData']['baseScore'] except KeyError: @@ -361,7 +361,7 @@ def update_db_fkie(conn, jsondata): try: for m in elt['metrics']['cvssMetricV31']: if m['type'] == 'Primary': - accessVector = m['cvssData']['accessVector'] + accessVector = m['cvssData']['attackVector'] vectorString = m['cvssData']['vectorString'] cvssv3 = m['cvssData']['baseScore'] except KeyError: @@ -370,7 +370,7 @@ def update_db_fkie(conn, jsondata): try: for m in elt['metrics']['cvssMetricV40']: if m['type'] == 'Primary': - accessVector = m['cvssData']['accessVector'] + accessVector = m['cvssData']['attackVector'] vectorString = m['cvssData']['vectorString'] cvssv4 = m['cvssData']['baseScore'] except KeyError: