Changelog

Synapse-NIST-NVD Changelog

v3.1.0 - 2025-05-20

Features and Enhancements

  • Updated nist.nvd.cves.search to populate the it:exec:query:synuser property.

v3.0.0 - 2025-03-07

Automatic Migrations

  • Migrated :nist:nvd:source, :nist:nvd:modified, and :nist:nvd:published properties from risk:vuln nodes created by Synapse-NIST-NVD to their associated it:sec:cve nodes.

Features and Enhancements

  • Updated Synapse-NIST-NVD ingest logic to populate :nist:nvd:source, :nist:nvd:modified, and :nist:nvd:published properties on it:sec:cve nodes instead of the same properties on risk:vuln nodes which are now deprecated.

v2.1.1 - 2024-10-29

Bugfixes

  • When using nist.nvd.cves.feed where the last modified date is greater than 120 days from now automatically chunk the request in 120 day windows to avoid an error.

v2.1.0 - 2024-08-23

Features and Enhancements

  • Add additional search options to the nist.nvd.cves.search command.

v2.0.0 - 2024-04-01

Features and Enhancements

  • Update risk:vuln node generation to deconflict on the :reporter:name property. This change will cause new risk:vuln nodes to be created, unless :reporter:name=nist for the given CVE ID.

  • Remove --overwrite flag, and always update risk:vuln properties.

  • Always prefer the Primary score when setting CVSS properties.

  • Create ps:contact nodes to represent the NVD source contact.

v1.2.1 - 2024-02-20

Features and Enhancements

  • Update deprecated $lib.dict() usage to JSON style syntax.

v1.2.0 - 2023-06-16

Features and Enhancements

  • Updated to use new CVSS model and $lib.infosec.cvss.vectToScore()

v1.1.0 - 2023-04-17

Features and Enhancements

  • Add nist.nvd.cve.byid command and node action for retrieving information about a specific CVE.

v1.0.0 - 2023-03-01

Features and Enhancements

  • Initial release of the Synapse-NIST-NVD Power-Up