Analysis_Tools

Source Data Concerns Enhanced Table

Comprehensive enumeration of implemented Source Data Concern checks with exact modal content.

Architectural Overview

All source data concern checks use curated platform data. Entries in the versions array are pre-processed through update pattern transformations so that legitimate update patterns do not produce false positives.


Badge/Data Concern Name | Problem Domain | Platform Field Checked | Granular Check | Registry Data Structure | Problem (Exact Modal Text) | Problematic Data (What Gets Displayed) | Resolution (Exact Guidance Text) | Code Location
🟪 🔍 Source Data Concerns (X) | #1 CPE Base String Determination, #2 Version Parsing and CPE-AS Generation | cve.containers.*.affected[*].* | | Structure of concern data storage | Explanation of the issue identified | Relevant data and context | Guidance to resolve and better enable platform automation | platform_entry_registry.py:3156+, badge_modal_system.js:1386+
                 
🟣 Placeholder Detection                
├─ CPE Base String Determination cve.containers.*.affected[*].vendor
cve.containers.*.affected[*].product
cve.containers.*.affected[*].packageName
cve.containers.*.affected[*].platforms[*]
[field] contains GENERAL_PLACEHOLDER_VALUES
{ "field": "vendor", "sourceValue": "n/a", "detectedPattern": { "detectedValue": "n/a" } }
OR
{ "field": "platforms[0]", "sourceValue": "Unspecified", "detectedPattern": { "detectedValue": "unspecified" } }
Problem:
Property contains placeholder data which prevents [field] identification.
OR
Array entry contains placeholder data which prevents [field] identification.
Data:
Pattern [detected_pattern] detected in [field] content "[field]": "[sourceValue]"
Resolution:
Replace placeholder data with an appropriate [field] value.
OR
Replace placeholder data with an appropriate [field] value or leave [field] array empty.
(Refactored) Badge Generation
└─ Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
[field] contains VERSION_PLACEHOLDER_VALUES
{ "field": "version", "sourceValue": "unknown", "detectedPattern": { "detectedValue": "unknown" } }
OR
{ "field": "changes[0].at", "sourceValue": "TBD", "detectedPattern": { "detectedValue": "tbd" } }
Problem:
Property contains placeholder data which prevents [field] identification.
Data:
Pattern [detected_pattern] detected in [field] content "[field]": "[sourceValue]"
Resolution:
Replace placeholder data with an appropriate [field] value.
(Refactored) Badge Generation
                 
🟣 Mathematical Comparator Detection                
├─ CPE Base String Determination cve.containers.*.affected[*].vendor
cve.containers.*.affected[*].product
cve.containers.*.affected[*].packageName
cve.containers.*.affected[*].platforms[*]
[field] contains:
‘<’, ‘>’, ‘=’, ‘<=’, ‘=<’, ‘=>’, ‘>=’, ‘!=’
{ "field": "vendor", "sourceValue": "apache>=8.0", "detectedPattern": { "detectedValue": ">=" } }
OR
{ "field": "platforms[0]", "sourceValue": ">=linux", "detectedPattern": { "detectedValue": ">=" } }
Problem:
[field] contains mathematical comparators which may impact platform identification.
Data:
Pattern [detected_pattern] detected in [field] content "[field]": "[sourceValue]"
Resolution:
Remove mathematical comparators within [field] content.
(Refactored) Badge Generation
└─ Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
[field] contains:
‘<’, ‘>’, ‘=’, ‘<=’, ‘=<’, ‘=>’, ‘>=’, ‘!=’
{ "field": "version", "sourceValue": "<=1.2.3", "detectedPattern": { "detectedValue": "<, =" } }
OR
{ "field": "changes[0].at", "sourceValue": "=10.0.0", "detectedPattern": { "detectedValue": "=" } }
Problem:
[field] contains mathematical comparators which may impact version identification and CPE-AS generation.
Data:
Pattern [detected_pattern] detected in [field] content "[field]": "[sourceValue]"
Resolution:
Use the defaultStatus, version, lessThan, lessThanOrEqual, changes[*].at and/or changes[*]status syntax to precisely represent the intended range boundaries.
Example: "version": "<=1.2.3" should be represented as "lessThanOrEqual": "1.2.3".
(Refactored) Badge Generation
                 
🟣 Text Comparator Detection                
└─ Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
[field] contains:
Range separators (‘through’, ‘thru’, ‘to’, ‘between’, ‘and’)
Temporal comparators (‘before’, ‘prior to’, ‘earlier than’, ‘up to’, ‘until’, ‘below’, ‘after’, ‘since’, ‘later than’, ‘newer than’, ‘from’, ‘above’)
Approximation patterns (‘about’, ‘approximately’, ‘circa’, ‘around’, ‘roughly’)
{ "field": "version", "sourceValue": "before 2.1.3", "detectedPattern": { "detectedValue": "before" } }
Problem:
[field] contains text based comparator which may impact version identification and CPE-AS generation.
Data:
Pattern [detected_pattern] detected in [field] content "[field]": "[sourceValue]"
Resolution:
Use the defaultStatus, version, lessThan, lessThanOrEqual, changes[*].at and/or changes[*]status syntax to precisely represent the intended range boundaries.
Example: "version": "before 1.2.3" should be represented as "lessThan": "1.2.3".
(Refactored) Badge Generation
                 
🟣 Whitespace Detection                
├─ CPE Base String Determination cve.containers.*.affected[*].vendor
cve.containers.*.affected[*].product
cve.containers.*.affected[*].packageName
cve.containers.*.affected[*].platforms[*]
[field] contains:
leading: " example",
trailing: "example "
excessive: "e . xample" whitespace.
{ "field": "vendor", "sourceValue": " apache ", "detectedPattern": { "whitespaceTypes": ["leading", "trailing"], "replacedText": "!!apache!!" } }
Problem:
[field] has [leading/trailing/excessive] whitespace which may impact platform identification.
Data:
Pattern [detected_pattern] detected in [field] content.
Source: "[field]": "[sourceValue]"
Replaced: "[field]": "[sourceValueReplacedBy!]"
Resolution:
Remove whitespace from [field] content.
(Refactored) Badge Generation
└─ Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
[field] contains:
leading: " example",
trailing: "example "
excessive: "e . xample" whitespace.
{ "field": "versions[0].version", "sourceValue": " 1.2.3 ", "detectedPattern": { "whitespaceTypes": ["leading", "trailing"], "replacedText": "!!1.2.3!!" } }
Problem:
[field] has [leading/trailing/excessive] whitespace which may impact version identification and CPE-AS generation.
Data:
Pattern [detected_pattern] detected in [field] content.
Source: "[field]": "[sourceValue]"
Replaced: "[field]": "[sourceValueReplacedBy!]"
Resolution:
Remove whitespace from [field] content.
(Refactored) Badge Generation
                 
🟣 Invalid Character Detection                
└─ Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
Uses allow-list validation: a-zA-Z0-9-*_:.+()~ characters
{ "field": "version", "sourceValue": "1.2.3@build", "detectedPattern": { "detectedValue": "@" } }
Problem:
[field] contains invalid characters which may impact version identification and CPE-AS generation.
Data:
Invalid characters [detected_chars] found in [field] content "[field]": "[sourceValue]"
Resolution:
Review character usage and remove inappropriate characters from [field] content.
(Refactored) Badge Generation
                 
🟣 All Versions Pattern Detection                
└─ Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
[field] contains ALL_VERSION_VALUES
{ "field": "version", "sourceValue": "all versions", "detectedPattern": { "detectedValue": "all versions" } }
Problem:
[field] contains “all versions” pattern which creates additional downstream parsing complexity and may impact version identification or CPE-AS generation.
Data:
Pattern [detected_pattern] detected in [field] content "[field]": "[sourceValue]"
Resolution:
Use “*” for consistent representation of “all versions”.
(Refactored) Badge Generation
                 
🟣 Bloat Text Detection                
├─ CPE Base String Determination cve.containers.*.affected[*].product
cve.containers.*.affected[*].packageName
[field] contains redundant vendor text
{ "field": "product", "sourceValue": "Vendor Enterprise", "detectedPattern": { "detectedValue": "Vendor", "patternType": "vendor_redundancy" } }
Problem:
[field] contains bloat text which creates additional downstream parsing complexity and may impact platform identification.
Data:
Pattern [detected_pattern] (vendor_redundancy) detected in [field] content "[field]": "[sourceValue]"
Resolution:
CPE Base String Determination: Remove redundant vendor value from the product [field].
(Refactored) Badge Generation
└─ Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
[field] contains BLOAT_TEXT_VALUES
{ "field": "version", "sourceValue": "Version 2.011", "detectedPattern": { "detectedValue": "version" } }
Problem:
[field] contains bloat text which creates additional downstream parsing complexity and may impact version identification or CPE-AS generation.
Data:
Pattern [detected_pattern] detected in [field] content "[field]": "[sourceValue]"
Resolution:
Remove bloat text from version fields.
Example: “Version 2.011” should be represented as “2.011”.
(Refactored) Badge Generation
                 
🟣 Version Granularity Detection                
└─ #2 Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*].version
cve.containers.*.affected[*].versions[*].lessThan
cve.containers.*.affected[*].versions[*].lessThanOrEqual
cve.containers.*.affected[*].versions[*].changes[*].at
[affectedArrayEntry] contains inconsistent version part counts. Ex: 1.0, 1.0.0, 1.1.0.0
{ "field": "version", "sourceValue": "1.0.1", "detectedPattern": { "base": "1", "granularity": "3" } }
Problem:
Version related fields contain granularity differences which may affect platform matching precision.
Data:
Base Group: [base]
"[field]" : "[sourceValue]"
"[longerField]": "[sourceValue]"
Resolution:
Standardize version granularity across related version sequences while maintaining necessary precision.
Example: 1.0, 1.0.1, 1.1.0.0 should be represented as 1.0.0.0, 1.0.1.0, 1.1.0.0
(Refactored) Badge Generation
                 
🟣 Overlapping Ranges                
└─ #2 Version Parsing and CPE-AS Generation cve.containers.*.affected[*].versions[*]
[affectedArrayEntry] contains overlapping ranges which may create ambiguous range definitions.
Examples: {"version": "1.0", "lessThan": "3.0"} + {"version": "2.0", "lessThan": "4.0"}
{ "field": "versions", "sourceValue": "versions[2] & versions[3]", "detectedPattern": { "overlapType": "partial_overlap", "range1Source": "versions[2]", "range2Source": "versions[3]", "range1": "2.0.0 to 2.5.0", "range2": "2.1.0 to 3.0.0" } }
Problem:
Overlapping version ranges create ambiguous range definitions which may affect platform matching precision.
Data:
Overlap Type: [overlapType]
Range 1: [range1] (from [range1Source])
Range 2: [range2] (from [range2Source])
Resolution:
Use the defaultStatus, version, lessThan, lessThanOrEqual, changes[*].at and/or changes[*]status syntax to precisely represent the explicit range boundaries.
(Refactored) Badge Generation
└─ #2 Version Parsing and CPE-AS Generation cve.containers.*.affected[*]
[affectedArray] contains multiple entries with identical alias data and versions content that contain overlapping ranges which may create ambiguous range definitions.
{ "field": "affected[1].versions[*]", "sourceValue": "affected[1].versions[2] & affected[2].versions[3]", "detectedPattern": { "overlapType": "partial_overlap", "range1Source": "affected[1].versions[2]", "range2Source": "affected[2].versions[3]", "range1": "5.0.0 to 6.5.0", "range2": "5.1.0 to 7.0.0" } }
Problem:
Overlapping version ranges create ambiguous range definitions which may affect platform matching precision.
Data:
Overlap Type: [overlapType]
Range 1: [range1] (from [range1Source])
Range 2: [range2] (from [range2Source])
Resolution:
Replace multiple affected array entries for the same platform with a singular consolidated entry for identical platform instances.
Use the defaultStatus, version, lessThan, lessThanOrEqual, changes[*].at and/or changes[*]status syntax to precisely represent the explicit range boundaries.
(Refactored) Badge Generation
                 

Skip Logic Rules

To eliminate improper multi-count findings where the same underlying issue triggers multiple detection groups, the following skip conditions are implemented:

Priority | Detection Group | Skip Conditions | Rationale | Implementation
1 | placeholderData | Skip ALL other detections for this field if detected | Placeholder values indicate intentionally incomplete data - other “issues” are meaningless noise | Early return for field after placeholder detection
2 | mathematicalComparators | Skip invalidCharacters detection for <, >, =, ! if detected | Mathematical operators are valid in version contexts - not invalid characters | Exclude these characters from invalid character scan
3 | textComparators | Skip invalidCharacters detection for space if TEXT_COMPARATOR_REGEX_PATTERNS detected | Only hyphenated ranges (e.g., “1.0 - 2.0”) use structural spaces | Exclude space character when regex patterns detected
4 | whitespaceIssues | Skip invalidCharacters detection for space if detected | Space character whitespace issues shouldn’t also be flagged as invalid | Exclude space character from invalid character scan
5-9 | All Others | No skip conditions | Independent detections that can legitimately coexist | Standard processing
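
The skip rules above applied to a single version field, as an added Python example (not the project's own code). The function name `check_version_field` is hypothetical, the placeholder set and text-comparator list are constructed subsets of the values the page names, the "excessive" whitespace type is left out, and comparators are reported longest-match first.

```python
import re

# Constructed subset: the page names VERSION_PLACEHOLDER_VALUES but shows only examples.
PLACEHOLDERS = {"n/a", "unknown", "tbd", "unspecified"}
# Longest operators first so "<=" is reported once rather than as "<" and "=".
MATH_RE = re.compile(r"<=|=<|=>|>=|!=|<|>|=")
# Subset of the range and temporal comparators listed in the table above.
TEXT_RE = re.compile(
    r"\b(prior to|through|thru|between|before|after|since|until|to|and)\b", re.I)
# Allow-list from the Invalid Character Detection row.
ALLOWED_RE = re.compile(r"[a-zA-Z0-9\-*_:.+()~]")


def check_version_field(value):
    """Return {detection group: detected values} for one version field."""
    # Priority 1: a placeholder suppresses every other detection.
    if value.strip().lower() in PLACEHOLDERS:
        return {"placeholderData": [value.strip().lower()]}

    findings, skip_chars = {}, set()

    # Priority 2: comparator characters are not also reported as invalid.
    math = MATH_RE.findall(value)
    if math:
        findings["mathematicalComparators"] = math
        skip_chars.update("<>=!")

    # Priority 3: spaces around a text comparator are not reported as invalid.
    text = [m.lower() for m in TEXT_RE.findall(value)]
    if text:
        findings["textComparators"] = text
        skip_chars.add(" ")

    # Priority 4: leading/trailing spaces are reported once, as whitespace.
    kinds = [k for k, hit in (("leading", value != value.lstrip()),
                              ("trailing", value != value.rstrip())) if hit]
    if kinds:
        findings["whitespaceIssues"] = kinds
        skip_chars.add(" ")

    # Priorities 5-9 run independently; only the allow-list scan is shown here.
    invalid = sorted({c for c in value
                      if not ALLOWED_RE.match(c) and c not in skip_chars})
    if invalid:
        findings["invalidCharacters"] = invalid
    return findings
```

Without the skip set, "<=1.2.3" would count twice (comparator plus invalid characters "<" and "="), which is the multi-count the rules are meant to remove.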

Key Overlap Examples Resolved: