From d66644be63e64a94687160da005d65cbf0b51280 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Fri, 29 Jul 2022 15:21:15 +0000
Subject: [PATCH] Vulners.nse: respect mincvss unless cvss is missing or is 0
 for exploits

---
 scripts/vulners.nse | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/vulners.nse b/scripts/vulners.nse
index 091de9451..1508d8f87 100644
--- a/scripts/vulners.nse
+++ b/scripts/vulners.nse
@@ -99,7 +99,7 @@ function make_links(vulns)
     }
 
     -- NOTE[gmedian]: exploits seem to have cvss == 0, so print them anyway
-    if v.is_exploit or (v.cvss and mincvss <= v.cvss) then
+    if not v.cvss or (v.cvss == 0 and v.is_exploit) or mincvss <= v.cvss then
       setmetatable(v, cve_meta)
       output[#output+1] = v
     end