not working for the new nvd json format

[charlesfg]

from https://nvd.nist.gov/vuln/Data-Feeds/JSON-feed-changelog:

In CVE_JSON_4.0_min.schema, the affects element has been removed from the required properties.
"required": [ "data_type", "data_format", "data_version", "CVE_data_meta", "affects", > "problemtype", "references", "description" ],

This justify the exception on the first attempt to run:

(vulinoss)  ubuntu@charles-vm:~/git/VulinOSS/vulinoss git:(master) ✗ python nvd_json_parser.py /home/ubuntu/vul-work/nvd-data /home/ubuntu/git/VulinOSS/data/highest_cve_rated_oss.csv -m /home/ubuntu/git/VulinOSS/data/nvd_project_name_mapping.csv
Reading NVD project name mapping file /home/ubuntu/git/VulinOSS/data/nvd_project_name_mapping.csv
        Found 102 mappings
ProjectList object created
Parsing json file :: /home/ubuntu/vul-work/nvd-data/nvdcve-1.1-2011.json
Traceback (most recent call last):
  File "nvd_json_parser.py", line 90, in <module>
    vendors = cve_entry['affects']['vendor']['vendor_data']
KeyError: 'affects'

[charlesfg]

@AntonisGkortzis probably I'll take a look into this issue today in a time-box effort. If I was able to make the fix I will issue a PR.

[charlesfg]

Get a look at code and realize that to work with the new version it would need to parse the CPE string to get the information previously available into the affected.

The CPE specs could be find here: https://cpe.mitre.org/specification/

Gladly there is still available the old versions of the NVD json format

https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2020.json.gz