Vulners.nse: respect mincvss unless cvss is missing or is 0 for exploits

2025-12-06 04:31:29 +00:00 · 2022-07-29 15:21:15 +00:00
parent 9a1ba979b0
commit d66644be63
1 changed files with 1 additions and 1 deletions
--- a/scripts/vulners.nse
+++ b/scripts/vulners.nse
@@ -99,7 +99,7 @@ function make_links(vulns)
    }

    -- NOTE[gmedian]: exploits seem to have cvss == 0, so print them anyway
-    if v.is_exploit or (v.cvss and mincvss <= v.cvss) then
+    if not v.cvss or (v.cvss == 0 and v.is_exploit) or mincvss <= v.cvss then
      setmetatable(v, cve_meta)
      output[#output+1] = v
    end