Skip to content

sysdig: support 2025 formats#12810

Merged
Maffooch merged 1 commit into
DefectDojo:bugfixfrom
valentijnscholten:sysdig-2025
Jul 21, 2025
Merged

sysdig: support 2025 formats#12810
Maffooch merged 1 commit into
DefectDojo:bugfixfrom
valentijnscholten:sysdig-2025

Conversation

@valentijnscholten

@valentijnscholten valentijnscholten commented Jul 20, 2025

Copy link
Copy Markdown
Member

Sysdig has changed their report formats.

  • csv: changed fieldnames
  • json: changed data format where findings are stored inside a panels element

The parser now supports both formats.

[sc-11618]

@valentijnscholten valentijnscholten added this to the 2.48.3 milestone Jul 20, 2025
@valentijnscholten valentijnscholten marked this pull request as ready for review July 20, 2025 08:18
@dryrunsecurity

Copy link
Copy Markdown

DryRun Security

This pull request contains test data in a unit test file that uses generic placeholders for vulnerability scan information, which could potentially be misinterpreted as real data if not carefully managed, though the risk is considered low and non-blocking.

Test Data Exposure in unittests/scans/sysdig_reports/sysdig-2025.csv
Vulnerability Test Data Exposure
Description Unit test files contain mock vulnerability scan data with generic placeholders. While located in a unit tests directory, these files demonstrate a potential pattern of including sensitive-like information in test data. The files use generic paths, cluster names, and future-dated CVEs, which could be mistaken for real data if not properly managed.

Vulnerability Name,Vulnerability Severity,Package Name,Package Version,Package Type,Package Path,Image Name,OS Name,CVSS Version,CVSS Score,CVSS Vector,Disclosure Date,Fix Available Date,Fix Version,Public Exploit,Kubernetes Cluster Name,Kubernetes Namespace Name,Kubernetes Workload Type,Kubernetes Workload Name,Kubernetes Container Name,Image ID,Package In Use,Risk Accepted,CISA KEV Publish Date,CISA KEV Due Date,CISA KEV Known Ransomware,Fix Available
CVE-2005-2541,Negligible,package name 1,0.0.0.1,OS,/path/path/file.abc,defectdojo/defectdojo-django:latest,debian 12.9,2,10,AV:N/AC:L/Au:N/C:C/I:C/A:C,2005-08-10T04:00:00Z,1970-01-01T00:00:00Z,,false,k8s name 1,defectdojo,Deployment,defectdojo-celery-worker,celery,sha256:a520752f350909c191db45a598a88fcca2fa5db17a340dee6b3d0e36f4122e11,false,false,,,,false
CVE-2005-2541,Negligible,package name 2,0.0.0.2,OS,/path/path/file.abc,defectdojo/defectdojo-django:latest,debian 12.9,2,10,AV:N/AC:L/Au:N/C:C/I:C/A:C,2005-08-10T04:00:00Z,1970-01-01T00:00:00Z,,false,k8s name 2,defectdojo,Deployment,defectdojo-django,uwsgi,sha256:a520752f350909c191db45a598a88fcca2fa5db17a340dee6b3d0e36f4122e11,false,false,,,,false
CVE-2005-2541,Negligible,package name 3,0.0.0.3,OS,/path/path/file.abc,docker.io/bitnami/redis:7.2.5-debian-12-r4,debian 12.6,2,10,AV:N/AC:L/Au:N/C:C/I:C/A:C,2005-08-10T04:00:00Z,1970-01-01T00:00:00Z,,false,k8s name 3,defectdojo,Deployment,defectdojo-redis-master,redis,sha256:a520752f350909c191db45a598a88fcca2fa5db17a340dee6b3d0e36f4122e11,false,false,,,,false
CVE-2025-48379,Critical,package name 4,0.0.0.4,Python,/path/path/path/file.abc,defectdojo/defectdojo-django:latest,debian 12.9,3,9.8,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,2025-07-01T17:29:37Z,2025-07-01T09:15:58Z,11.3.0,false,k8s name 4,defectdojo,Deployment,defectdojo-celery-beat,celery,sha256:a520752f350909c191db45a598a88fcca2fa5db17a340dee6b3d0e36f4122e11,true,false,,,,true
CVE-2025-6021,Critical,package name 5,0.0.0.5,OS,/path/path/file.abc,defectdojo/defectdojo-django:latest,debian 12.9,3,9.8,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,2025-06-12T13:15:25Z,1970-01-01T00:00:00Z,,false,k8s name 5,defectdojo,Deployment,defectdojo-django,uwsgi,sha256:a520752f350909c191db45a598a88fcca2fa5db17a340dee6b3d0e36f4122e11,false,false,,,,false
CVE-2011-10007,Critical,package name 6,0.0.0.6,OS,/path/path/file.abc,docker.io/bitnami/redis:7.2.5-debian-12-r4,debian 12.6,3,9.8,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,2025-06-05T12:15:22Z,1970-01-01T00:00:00Z,0.34-4~deb12u1,false,k8s name 6,defectdojo,Deployment,defectdojo-redis-master,redis,sha256:a520752f350909c191db45a598a88fcca2fa5db17a340dee6b3d0e36f4122e11,false,false,,,,true


All finding details can be found in the DryRun Security Dashboard.

@mtesauro mtesauro left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@Maffooch Maffooch merged commit a0d5a03 into DefectDojo:bugfix Jul 21, 2025
84 checks passed
@valentijnscholten valentijnscholten modified the milestones: 2.48.3, 2.48.2 Jul 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants