From 7b672d62206e8fb67ad0ca0eeae2defc81323563 Mon Sep 17 00:00:00 2001
From: prabhu <prabhu@appthreat.com>
Date: Sun, 14 Jul 2024 15:49:23 +0100
Subject: [PATCH] Ignore withdrawn cve (#163)

Signed-off-by: Prabhu Subramanian <prabhu@appthreat.com>
---
 vdb/lib/nvd.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/vdb/lib/nvd.py b/vdb/lib/nvd.py
index 5d20e17..57f2878 100644
--- a/vdb/lib/nvd.py
+++ b/vdb/lib/nvd.py
@@ -433,6 +433,9 @@ def convert_api_vuln(vuln: dict) -> Vulnerability | None:
                 problem_type = aweakness["description"][0]["value"]
                 break
         description = NvdSource._get_value(vuln, "descriptions")
+        # Ignore disputed CVEs. Eg: CVE-2023-35116
+        if "** DISPUTED **" in description or "this is not a valid vulnerability report" in description:
+            return None
         rdata = vuln.get("references", [])
         related_urls = [r["url"] for r in rdata]
         metrics = vuln.get("metrics", {})