cvssv3: backport tests #12457

Merged
valentijnscholten merged 1 commit into DefectDojo:bugfix from valentijnscholten:cvssv3-capture-regex-behaviour on May 16, 2025

@valentijnscholten

Member

While working on #12440 I decided to add the test cases from there also to the current bugfix branch to capture the old behaviour of the "old" RegEx based cvssv_validator.

This also helps us with understanding #8264

@dryrunsecurity

DryRun Security

This pull request reveals multiple vulnerabilities related to CVSS vector handling, including inconsistent validation, potential misrepresentation of vulnerability severity, and lenient scoring mechanisms across different test files. Additionally, there is a potential risk of sensitive information exposure through Selenium page source HTML files.

💭 Unconfirmed Findings (5)

Vulnerability: Input Validation Weakness in CVSSv3 Vector Handling
Description: Discovered in tests/finding_test.py, this finding reveals that the application allows various CVSSv3 vector formats with inconsistent validation, which could lead to unexpected scoring behavior.

Vulnerability: Insecure CVSSv3 Vector Handling
Description: Found in unittests/test_finding_model.py, the application permits saving arbitrary strings as CVSSv3 vectors, potentially misrepresenting vulnerability severity.

Vulnerability: Lenient CVSS Vector Validation
Description: Identified in unittests/test_rest_framework.py, the current implementation allows patching of CVSS v3 vectors with validation issues, risking incorrect vulnerability scoring.

Vulnerability: Inconsistent CVSS Score Handling
Description: Also found in unittests/test_rest_framework.py, the code allows setting manual scores for invalid CVSS vectors, which may lead to misrepresentation of vulnerability severity.

Vulnerability: Potential Sensitive Information Exposure
Description: Discovered in .gitignore, Selenium page source HTML files might contain sensitive debugging information, posing a risk of accidental exposure of sensitive test data.

All finding details can be found in the DryRun Security Dashboard.

@valentijnscholten valentijnscholten added this to the 2.46.3 milestone May 15, 2025
@Maffooch Maffooch requested review from dogboat and hblankenship May 15, 2025 19:59

@mtesauro mtesauro left a comment

Contributor

Approved

@valentijnscholten valentijnscholten merged commit 129fddf into DefectDojo:bugfix May 16, 2025
76 checks passed
5 participants