fix: mismatch between cvedb.cve_count and nvd_api.total_results (#1670)

Co-authored-by: b31ngd3v <[email protected]>
intel · May 19, 2022 · 3bb0479 · 3bb0479
1 parent 03b58d4
commit 3bb0479
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/cve_bin_tool/nvd_api.py b/cve_bin_tool/nvd_api.py
@@ -83,6 +83,18 @@ async def nvd_count_metadata(session):
                 cve_count[key["name"]] = int(key["count"])
         return cve_count
 
+    @staticmethod
+    def get_reject_count(fetched_data: Dict) -> int:
+        """Returns total rejected CVE count"""
+        all_cve_list = fetched_data["result"]["CVE_Items"]
+        reject_count = 0
+        for cve_item in all_cve_list:
+            if cve_item["cve"]["description"]["description_data"][0][
+                "value"
+            ].startswith("** REJECT **"):
+                reject_count += 1
+        return reject_count
+
     async def get_nvd_params(
         self,
         time_of_last_update: Union[datetime, None] = None,
@@ -169,7 +181,10 @@ async def load_nvd_request(self, start_index):
 
                         if start_index == 0:
                             # Update total results in case there is discrepancy between NVD dashboard and API
-                            self.total_results = fetched_data["totalResults"]
+                            reject_count = self.get_reject_count(fetched_data)
+                            self.total_results = (
+                                fetched_data["totalResults"] - reject_count
+                            )
                         self.all_cve_entries.extend(fetched_data["result"]["CVE_Items"])
 
                     elif response.status == 503: