From f443b63924e2692d552828d1f49b4e4cf2566af3 Mon Sep 17 00:00:00 2001
From: Jerry Gamblin <jerry.gamblin@gmail.com>
Date: Wed, 9 Apr 2025 14:32:17 -0400
Subject: [PATCH 1/2] Do Not Allow N/A

Does not allow n/a as the vendor or the product.
---
 schema/CVE_Record_Format.json | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/schema/CVE_Record_Format.json b/schema/CVE_Record_Format.json
index aaf5f5adb7c..4a11f172eba 100644
--- a/schema/CVE_Record_Format.json
+++ b/schema/CVE_Record_Format.json
@@ -125,13 +125,15 @@
                     "type": "string",
                     "description": "Name of the organization, project, community, individual, or user that created or maintains this product or hosted service. Can be 'N/A' if none of those apply. When collectionURL and packageName are used, this field may optionally represent the user or account within the package collection associated with the package.",
                     "minLength": 1,
-                    "maxLength": 512
+                    "maxLength": 512,
+                    "pattern": "^(?!n/a$).*"
                 },
                 "product": {
                     "type": "string",
                     "description": "Name of the affected product.",
                     "minLength": 1,
-                    "maxLength": 2048
+                    "maxLength": 2048,
+                    "pattern": "^(?!n/a$).*"
                 },
                 "collectionURL": {
                     "description": "URL identifying a package collection (determines the meaning of packageName).",

From 1fdadbea2339497030edee78daed0481c7ba659b Mon Sep 17 00:00:00 2001
From: Jerry Gamblin <jerry.gamblin@gmail.com>
Date: Wed, 9 Apr 2025 14:58:17 -0400
Subject: [PATCH 2/2] Update CVE_Record_Format.json

Fix pattern using this information.

https://stackoverflow.com/questions/49102792/regex-find-n-a-word
---
 schema/CVE_Record_Format.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/schema/CVE_Record_Format.json b/schema/CVE_Record_Format.json
index 4a11f172eba..2ce28ea833c 100644
--- a/schema/CVE_Record_Format.json
+++ b/schema/CVE_Record_Format.json
@@ -126,14 +126,14 @@
                     "description": "Name of the organization, project, community, individual, or user that created or maintains this product or hosted service. Can be 'N/A' if none of those apply. When collectionURL and packageName are used, this field may optionally represent the user or account within the package collection associated with the package.",
                     "minLength": 1,
                     "maxLength": 512,
-                    "pattern": "^(?!n/a$).*"
+                    "pattern": "^(?!(n\/a)$).*"
                 },
                 "product": {
                     "type": "string",
                     "description": "Name of the affected product.",
                     "minLength": 1,
                     "maxLength": 2048,
-                    "pattern": "^(?!n/a$).*"
+                    "pattern": "^(?!(n\/a)$).*"
                 },
                 "collectionURL": {
                     "description": "URL identifying a package collection (determines the meaning of packageName).",