Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(cve/mitre): support go-cve-dictionary:mitre (#1978)

Browse Source 
* feat(cve/mitre): support go-cve-dictionary:mitre

* chore: adopt reviewer comment

* refactor(models): refactor CveContents method
This commit is contained in:
MaineK00n
2024-06-29 16:35:06 +09:00
committed by GitHub
parent 9beb5fc9f0
commit d8173cdd42
15 changed files with 1005 additions and 212 deletions
Download Patch File Download Diff File Expand all files Collapse all files

150
models/vulninfos_test.go
View File

@@ -917,6 +917,50 @@ func TestMaxCvssScores(t *testing.T) {
},
},
},
// 6 : CVSSv4.0 and CVSSv3.1
{
in: VulnInfo{
CveContents: CveContents{
Mitre: []CveContent{
{
Type: Mitre,
Cvss40Score: 6.9,
Cvss40Vector: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
Cvss40Severity: "MEDIUM",
Cvss3Score: 7.3,
Cvss3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
Cvss3Severity: "HIGH",
Optional: map[string]string{"source": "CNA"},
},
},
Nvd: []CveContent{
{
Type: Nvd,
Cvss3Score: 9.8,
Cvss3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
Cvss3Severity: "CRITICAL",
Optional: map[string]string{"source": "nvd@nist.gov"},
},
{
Type: Nvd,
Cvss3Score: 7.3,
Cvss3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
Cvss3Severity: "HIGH",
Optional: map[string]string{"source": "cna@vuldb.com"},
},
},
},
},
out: CveContentCvss{
Type: Mitre,
Value: Cvss{
Type: CVSS40,
Score: 6.9,
Severity: "MEDIUM",
Vector: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
},
},
},
// Empty
{
in: VulnInfo{},
@@ -1859,3 +1903,109 @@ func TestVulnInfo_PatchStatus(t *testing.T) {
})
}
}
func TestVulnInfo_Cvss40Scores(t *testing.T) {
type fields struct {
CveID string
CveContents CveContents
}
tests := []struct {
name string
fields fields
want []CveContentCvss
}{
{
name: "happy",
fields: fields{
CveID: "CVE-2024-5732",
CveContents: CveContents{
Mitre: []CveContent{
{
Type: Mitre,
Cvss40Score: 6.9,
Cvss40Vector: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
Cvss40Severity: "MEDIUM",
Cvss3Score: 7.3,
Cvss3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
Cvss3Severity: "HIGH",
Optional: map[string]string{"source": "CNA"},
},
},
},
},
want: []CveContentCvss{
{
Type: Mitre,
Value: Cvss{
Type: CVSS40,
Score: 6.9,
Severity: "MEDIUM",
Vector: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
},
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := (VulnInfo{
CveID: tt.fields.CveID,
CveContents: tt.fields.CveContents,
}).Cvss40Scores(); !reflect.DeepEqual(got, tt.want) {
t.Errorf("VulnInfo.Cvss40Scores() = %v, want %v", got, tt.want)
}
})
}
}
func TestVulnInfo_MaxCvss40Score(t *testing.T) {
type fields struct {
CveID string
CveContents CveContents
}
tests := []struct {
name string
fields fields
want CveContentCvss
}{
{
name: "happy",
fields: fields{
CveID: "CVE-2024-5732",
CveContents: CveContents{
Mitre: []CveContent{
{
Type: Mitre,
Cvss40Score: 6.9,
Cvss40Vector: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
Cvss40Severity: "MEDIUM",
Cvss3Score: 7.3,
Cvss3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
Cvss3Severity: "HIGH",
Optional: map[string]string{"source": "CNA"},
},
},
},
},
want: CveContentCvss{
Type: Mitre,
Value: Cvss{
Type: CVSS40,
Score: 6.9,
Severity: "MEDIUM",
Vector: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := (VulnInfo{
CveID: tt.fields.CveID,
CveContents: tt.fields.CveContents,
}).MaxCvss40Score(); !reflect.DeepEqual(got, tt.want) {
t.Errorf("VulnInfo.MaxsCvss40Score() = %v, want %v", got, tt.want)
}
})
}
}