NVD#

# Release history

## 3.3.3, 3.2.4, 3.1.5 (3 July 2024)

**Fixed:**
- Issue where NVD incoming feed wasn't adding the description to every entity.
- Issue where NVD incoming feed package timestamp wasn't calculated properly.
- Issue where NVD incoming feed package would fail due to empty CPE configuration.

## 3.3.2, 3.2.3, 3.1.4 (11 June 2024)

**Add:**
- NVD incoming feed now has the CISA Vulnerability name added to the title.
- NVD incoming feed now has tags for vendor and product from the CPE match string.

## 3.3.1, 3.2.2, 3.1.3 (29 Apr 2024)

**Fixed:**
- Issue where NVD incoming feed wasn't adding Affected Software.

**Add:**
- NVD incoming feed now has custom fields for CVSS 3.1 and 3.0 metrics.
- NVD incoming feed now has a custom field for CPE configuration.


## 3.2.1, 3.1.2, 2.14.2 (27 Dec 2023)

**Changed:**
- NVD incoming feed now supports NVD API v2.0.

**Removed:**
- Support for NVD API v1.0 because it is retired since 15 Dec 2023.

## 3.1.1, 3.0.1, 2.14.1 (25 October 2023)

**Fixed:**

- Typo in "Attack Complexity" entity tags and description.
- Processing configuration children nodes in input's CVE items.


## 2.13.1, 2.12.2, 2.11.5 (7 June 2022)

**Fixed:**

- Issue where NVD Vulnerability Intelligence incoming feed would fail
when encountering packages with URIs containing "#".
Fixed by url-encoding "#" in URIs when processing packages.


## 2.12.1, 2.11.4 (7 June 2022)

**Fixed:**

- Issue where NVD Vulnerability Intelligence incoming feed would fail
when encountering packages with URIs containing square brackets "[]".
Fixed by url-encoding square brackets in URIs when processing packages.


## Release versions: 2.9.1, 2.10.1

Release date: 17 November, 2021

Fixed:

- Issue where incoming feed would fail
  because of missing parameter in requests.


## Initial release

Release date: 5 May, 2021

**Features:**

* Now provides the NVD - National Vulnerability Database incoming feed.