Prefer CVE alias over others (#87)

Signed-off-by: Prabhu Subramanian <[email protected]>
AppThreat · Jan 31, 2024 · df6750e · df6750e
1 parent 7722f87
commit df6750e
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "appthreat-vulnerability-db"
-version = "5.6.0"
+version = "5.6.1"
 description = "AppThreat's vulnerability database and package search library with a built-in file based storage. OSV, CVE, GitHub, npm are the primary sources of vulnerabilities."
 authors = [
     {name = "Team AppThreat", email = "[email protected]"},

diff --git a/vdb/lib/osv.py b/vdb/lib/osv.py
@@ -124,7 +124,7 @@ def to_vuln(self, cve_data):
         # Try to locate the CVE id from the aliases section
         if not cve_id.startswith("CVE") and not cve_id.startswith("RUSTSEC"):
             for i in aliases:
-                if not i.startswith("OSV"):
+                if i.startswith("CVE"):
                     cve_id = i
                     break
         assigner = "OSV"