Vulners.nse: respect mincvss unless cvss is missing or is 0 for exploits

2026-05-13 08:46:45 +00:00 · 2022-07-29 15:21:15 +00:00 · 2022-07-29 15:21:15 +00:00 · d66644be63
commit d66644be63
parent 9a1ba979b0
1 changed files with 1 additions and 1 deletions
--- a/scripts/vulners.nse
+++ b/scripts/vulners.nse
@ -99,7 +99,7 @@ function make_links(vulns)
    }

    -- NOTE[gmedian]: exploits seem to have cvss == 0, so print them anyway
-    if v.is_exploit or (v.cvss and mincvss <= v.cvss) then
+    if not v.cvss or (v.cvss == 0 and v.is_exploit) or mincvss <= v.cvss then
      setmetatable(v, cve_meta)
      output[#output+1] = v
    end