diff --git a/docs/guides/advanced_search.md b/docs/guides/advanced_search.md index e7d3580..2dac4d2 100644 --- a/docs/guides/advanced_search.md +++ b/docs/guides/advanced_search.md @@ -53,6 +53,8 @@ The currently supported fields are: - **product** - Search by product name (e.g., `android`). - **userTag** - Search by user tag associated with the CVE. - **project** – Search using the vendors and products subscribed in a project. +- **kev** – Search based on the KEV catalog. Accepts `true` or `false`. +- **epss** – Search based on EPSS score. Accepts a percentage (e.g., `epss:80`) or a decimal between 0 and 1 (e.g., `epss:'0.8'`). !!! important Each field supports specific operators to refine your queries effectively: @@ -60,8 +62,8 @@ The currently supported fields are: - **description**, **title**, and **cve** fields support the operators `:` and `=`: - `:` performs a partial (LIKE) search. - `=` performs an exact match search. - - CVSS fields (**cvss20**, **cvss30**, **cvss31**, **cvss40**) support the following comparison operators: `>`, `>=`, `<`, `<=`, `=`. - - **vendor**, **product**, and **userTag** fields only support the `:` operator. + - Metrics fields (**cvss20**, **cvss30**, **cvss31**, **cvss40**, **epss**) support the following comparison operators: `>`, `>=`, `<`, `<=`, `=`. + - **vendor**, **product**, **userTag** and **kev** fields only support the `:` operator. By using fields and operators, you can fine-tune your searches to quickly find relevant CVEs based on your needs. @@ -101,10 +103,10 @@ To search for CVEs with a high score in either CVSS 3.1 or CVSS 4.0: cvss31>=9 OR cvss40>=9 ``` -To search for CVEs within a product: +To search for CVEs within a product and in the KEV catalog: ``` -vendor:linux AND product:linux_kernel +vendor:linux AND product:linux_kernel AND kev:true ``` To search all CVE in 1999's: @@ -113,10 +115,10 @@ To search all CVE in 1999's: cve:CVE-1999 ``` -To search all CVEs related to the vendors and products subscribed to in a project: +To search all CVEs related to the vendors and products subscribed to in a project with a high EPSS score: ``` -project:my-project +project:my-project AND epss>=80 ``` !!! tip diff --git a/docs/images/troubleshooting/clear-existing-tasks.png b/docs/images/troubleshooting/clear-existing-tasks.png new file mode 100644 index 0000000..7a5fcbb Binary files /dev/null and b/docs/images/troubleshooting/clear-existing-tasks.png differ diff --git a/docs/images/troubleshooting/key-error-opencve.png b/docs/images/troubleshooting/key-error-opencve.png new file mode 100644 index 0000000..da69a96 Binary files /dev/null and b/docs/images/troubleshooting/key-error-opencve.png differ diff --git a/docs/images/troubleshooting/select-dagrun.png b/docs/images/troubleshooting/select-dagrun.png new file mode 100644 index 0000000..c0f0506 Binary files /dev/null and b/docs/images/troubleshooting/select-dagrun.png differ diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index 56be16d..b5ea9fe 100644 --- a/docs/troubleshooting.md +++ b/docs/troubleshooting.md @@ -104,3 +104,22 @@ Then run the installation again: !!!note `network: host` only works on Linux. If you're on macOS or Windows, make sure your Docker has proper internet access and DNS resolution. + + +## How to Fix the CVE-2025-8875.json (KeyError: 'opencve') Bug + +This issue occurred because CISA added a new entry to its KEV list before MITRE had added it to the official CVE database. An issue has been raised [here](https://github.com/CVEProject/cvelistV5/issues/107). + +Because this behavior was undocumented, OpenCVE’s scheduler failed to parse the entry, resulting in the following error: + +![Troubleshooting KeyError OpenCVE](images/troubleshooting/key-error-opencve.png){.center style="width:100%"} + +The problem has been fixed in this [pull request](https://github.com/opencve/opencve/pull/604). + +You can upgrade OpenCVE and relaunch the failed DAG run in your Airflow scheduler instance. To do so, select it: + +![Troubleshooting Select DAGRun](images/troubleshooting/select-dagrun.png){.center style="width:100%"} + +Then click on the "Clear Existing Tasks" button: + +![Troubleshooting Clear Existing Tasks](images/troubleshooting/clear-existing-tasks.png){.center style="width:60%"}