Update settings.dist.py

3cb19c7
Merged

🎉 Add fix_available to KrakenDAudit #13055

DryRunSecurity / General Security Analyzer succeeded Aug 26, 2025 in 45s

DryRun Security

General Security Analyzer Findings: 1 detected

⚠️ Incorrect State Reporting / Misinformation: dojo/tools/krakend_audit/parser.py
Type: Incorrect State Reporting / Misinformation
Description: The code hardcodes fix_available=True for all findings parsed from KrakenD audit reports. This is problematic because it assumes a fix is always available, which is unlikely to be true for all security findings. This can mislead users about the true remediation status of vulnerabilities, potentially causing them to misprioritize remediation efforts or giving a false sense of security.
Filename: dojo/tools/krakend_audit/parser.py
Code:
mitigation=message,
static_finding=True,
dynamic_finding=False,
fix_available=True,
)
findings.append(finding)
return findings