Skip to content

Resolves issue #1874, Preserve both CNA modified-date bounds in CVE query filters.#1888

Merged
jdaigneau5 merged 2 commits into
devfrom
dr_1874
Jun 30, 2026
Merged

Resolves issue #1874, Preserve both CNA modified-date bounds in CVE query filters.#1888
jdaigneau5 merged 2 commits into
devfrom
dr_1874

Conversation

@david-rocca

@david-rocca david-rocca commented Jun 29, 2026

Copy link
Copy Markdown
Collaborator

Closes Issue #1874 and #1328

Summary

Fixes cna_modified=true filtering so time_modified.gt and time_modified.lt are both preserved in the Mongo query for /api/cve and /api/cve_cursor.

Important Changes

src/controller/cve.controller/cve.controller.js

  • Initializes the CNA provider metadata date query object once per request.
  • Adds $gt and $lt to the same query object instead of overwriting one bound.

test/unit-tests/cve/cveGetAllTest.js

  • Added query-construction regression tests for /api/cve and /api/cve_cursor.

test/integration-tests/cve/getCveCnaModifiedTest.js

  • Added endpoint coverage proving only CVEs inside the requested CNA modified-date window are returned.

Testing

Steps to manually test updated functionality, if possible

  • 1) Call /api/cve?time_modified.gt=<start>&time_modified.lt=<end>&cna_modified=true and verify only in-window CNA modified records return.
  • 2) Call /api/cve_cursor?time_modified.gt=<start>&time_modified.lt=<end>&cna_modified=true and verify only in-window CNA modified records return.

@david-rocca david-rocca changed the title Dr 1874 Resolves issue #1874, Preserve both CNA modified-date bounds in CVE query filters. Jun 29, 2026
@jdaigneau5 jdaigneau5 merged commit 4f4637e into dev Jun 30, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants