From 92296774085f76d59a53e54b202a30c97b0dae98 Mon Sep 17 00:00:00 2001
From: Jino Tesauro
Date: Wed, 29 Oct 2025 11:15:42 -0500
Subject: [PATCH 1/4] Made file changes to test in dojo pro
---
 dojo/jira_link/helper.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
index bf2b0101fed..bc19bded931 100644
--- a/dojo/jira_link/helper.py
+++ b/dojo/jira_link/helper.py
@@ -783,6 +783,9 @@ def push_finding_to_jira(finding, *args, **kwargs):
 @app.task
 @dojo_model_from_id(model=Finding_Group)
 def push_finding_group_to_jira(finding_group, *args, **kwargs):
+ # Look for findings that have a single ticket associations
+ for finding in finding_group.findings.filter(jira_issue__isnull=False):
+ update_jira_issue(finding, *args, **kwargs)
 if finding_group.has_jira_issue:
 return update_jira_issue(finding_group, *args, **kwargs)
 return add_jira_issue(finding_group, *args, **kwargs)
From cc0c3301e72c4320474d20d86c9ce63d771d2b2a Mon Sep 17 00:00:00 2001
From: Jino Tesauro
Date: Fri, 31 Oct 2025 10:52:54 -0500
Subject: [PATCH 2/4] Changed logic so that individual findings are pushed to jira only after the groups association is confirmed
---
 dojo/jira_link/helper.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
index bc19bded931..ba3c06e36bb 100644
--- a/dojo/jira_link/helper.py
+++ b/dojo/jira_link/helper.py
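Review bot: The loop added in PATCH 1/4 at the top of `push_finding_group_to_jira` discards the result of every `update_jira_issue(finding, *args, **kwargs)` call, so a failed per-finding sync is invisible to the caller, and if that helper raises, the group ticket below it is never updated or created. Whether `update_jira_issue` returns a status or raises is not visible in this hunk; if it returns a boolean, keep it and log the miss, e.g. `if not update_jira_issue(finding, *args, **kwargs): logger.warning("Jira update failed for finding %s", finding.id)` (assuming the module has a `logger`). The same loop is carried unchanged through the hunks of PATCH 2/4 and PATCH 4/4. The `*args, **kwargs` supplied for the group are also forwarded as-is to each finding, which is worth confirming is intended.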
@@ -783,10 +783,11 @@ def push_finding_to_jira(finding, *args, **kwargs):
 @app.task
 @dojo_model_from_id(model=Finding_Group)
 def push_finding_group_to_jira(finding_group, *args, **kwargs):
- # Look for findings that have a single ticket associations
- for finding in finding_group.findings.filter(jira_issue__isnull=False):
- update_jira_issue(finding, *args, **kwargs)
 if finding_group.has_jira_issue:
+ # Look for findings that have single ticket associations seperate from the group
+ for finding in finding_group.findings.filter(jira_issue__isnull=False):
+ update_jira_issue(finding, *args, **kwargs)
+ #Update the jira issue for the group
 return update_jira_issue(finding_group, *args, **kwargs)
 return add_jira_issue(finding_group, *args, **kwargs)
From c0e83a484761015218eb5465027c47a3d2df2052 Mon Sep 17 00:00:00 2001
From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Date: Fri, 31 Oct 2025 12:05:03 -0600
Subject: [PATCH 3/4] Apply suggestion from @Maffooch
---
 dojo/jira_link/helper.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
index ba3c06e36bb..b6214ac197f 100644
--- a/dojo/jira_link/helper.py
+++ b/dojo/jira_link/helper.py
@@ -787,7 +787,7 @@ def push_finding_group_to_jira(finding_group, *args, **kwargs):
 # Look for findings that have single ticket associations seperate from the group
 for finding in finding_group.findings.filter(jira_issue__isnull=False):
 update_jira_issue(finding, *args, **kwargs)
- #Update the jira issue for the group
+ # Update the jira issue for the group
 return update_jira_issue(finding_group, *args, **kwargs)
 return add_jira_issue(finding_group, *args, **kwargs)
From 7de10d05b376c71f072aeaed99b856390a45d20b Mon Sep 17 00:00:00 2001
From: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
Date: Tue, 4 Nov 2025 11:04:35 -0700
Subject: [PATCH 4/4] Rerecord tests
---
 dojo/jira_link/helper.py | 6 +-
 ...est_groups_create_edit_update_finding.yaml | 4370 ++++++++++-------
 2 files changed, 2589 insertions(+), 1787 deletions(-)
diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py
index b6214ac197f..c3df5e1cf37 100644
--- a/dojo/jira_link/helper.py
+++ b/dojo/jira_link/helper.py
@@ -783,10 +783,10 @@ def push_finding_to_jira(finding, *args, **kwargs):
 @app.task
 @dojo_model_from_id(model=Finding_Group)
 def push_finding_group_to_jira(finding_group, *args, **kwargs):
+ # Look for findings that have single ticket associations separate from the group
+ for finding in finding_group.findings.filter(jira_issue__isnull=False):
+ update_jira_issue(finding, *args, **kwargs)
 if finding_group.has_jira_issue:
- # Look for findings that have single ticket associations seperate from the group
- for finding in finding_group.findings.filter(jira_issue__isnull=False):
- update_jira_issue(finding, *args, **kwargs)
 # Update the jira issue for the group
 return update_jira_issue(finding_group, *args, **kwargs)
 return add_jira_issue(finding_group, *args, **kwargs)
diff --git a/unittests/vcr/jira/JIRAImportAndPushTestApi.test_groups_create_edit_update_finding.yaml b/unittests/vcr/jira/JIRAImportAndPushTestApi.test_groups_create_edit_update_finding.yaml
index 37a72f9bd80..27cb4916548 100644
--- a/unittests/vcr/jira/JIRAImportAndPushTestApi.test_groups_create_edit_update_finding.yaml
+++ b/unittests/vcr/jira/JIRAImportAndPushTestApi.test_groups_create_edit_update_finding.yaml
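Review bot: The `dojo/jira_link/helper.py` hunk of PATCH 4/4 carries a behaviour change under a subject that says only "Rerecord tests": the per-finding loop moves back above `if finding_group.has_jira_issue:`, undoing the ordering PATCH 2/4 describes as pushing individual findings only after the group's association is confirmed. With the loop outside the check, findings that already have their own ticket are updated even when the group has no ticket yet and `add_jira_issue` is about to run. If that is the intended contract, the commit message should say so, since someone auditing changes to Jira synchronisation would not look for a logic change in a cassette re-record. A one-line docstring on the task would pin it, for example `"""Update tickets of member findings that have their own Jira issue, then update or create the group's issue."""`.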
@@ -2,14 +2,14 @@ interactions: - request: body: '{"description": "Event test_added has occurred.", "title": "Test created for Security How-to: 1st Quarter Engagement: NPM Audit Scan", "user": null, - "url_ui": "http://localhost:8080/test/95", "url_api": "http://localhost:8080/api/v2/tests/95/", + "url_ui": "http://localhost:8080/test/92", "url_api": "http://localhost:8080/api/v2/tests/92/", "product_type": {"name": "ebooks", "id": 2, "url_ui": "http://localhost:8080/product/type/2", "url_api": "http://localhost:8080/api/v2/product_types/2/"}, "product": {"name": "Security How-to", "id": 2, "url_ui": "http://localhost:8080/product/2", "url_api": "http://localhost:8080/api/v2/products/2/"}, "engagement": {"name": "1st Quarter Engagement", "id": 1, "url_ui": "http://localhost:8080/engagement/1", "url_api": "http://localhost:8080/api/v2/engagements/1/"}, "test": {"title": null, "id": - 95, "url_ui": "http://localhost:8080/test/95", "url_api": "http://localhost:8080/api/v2/tests/95/"}}' + 92, "url_ui": "http://localhost:8080/test/92", "url_api": "http://localhost:8080/api/v2/tests/92/"}}' headers: Accept: - application/json @@ -24,7 +24,7 @@ interactions: Content-Type: - application/json User-Agent: - - DefectDojo-2.48.4 + - DefectDojo-2.52.0-dev X-DefectDojo-Event: - test_added X-DefectDojo-Instance: 
@@ -38,22 +38,22 @@ interactions: [\n \"Token xxx\"\n ],\n \"Connection\": [\n \"keep-alive\"\n \ ],\n \"Content-Length\": [\n \"844\"\n ],\n \"Content-Type\": [\n \"application/json\"\n ],\n \"Host\": [\n \"webhook.endpoint:8080\"\n - \ ],\n \"User-Agent\": [\n \"DefectDojo-2.48.4\"\n ],\n \"X-Defectdojo-Event\": + \ ],\n \"User-Agent\": [\n \"DefectDojo-2.52.0-dev\"\n ],\n \"X-Defectdojo-Event\": [\n \"test_added\"\n ],\n \"X-Defectdojo-Instance\": [\n \"http://localhost:8080\"\n - \ ]\n },\n \"method\": \"POST\",\n \"origin\": \"10.250.1.7\",\n \"url\": + \ ]\n },\n \"method\": \"POST\",\n \"origin\": \"172.18.0.7\",\n \"url\": \"http://webhook.endpoint:8080/post\",\n \"data\": \"{\\\"description\\\": \\\"Event test_added has occurred.\\\", \\\"title\\\": \\\"Test created for Security How-to: 1st Quarter Engagement: NPM Audit Scan\\\", \\\"user\\\": - null, \\\"url_ui\\\": \\\"http://localhost:8080/test/95\\\", \\\"url_api\\\": - \\\"http://localhost:8080/api/v2/tests/95/\\\", \\\"product_type\\\": {\\\"name\\\": + null, \\\"url_ui\\\": \\\"http://localhost:8080/test/92\\\", \\\"url_api\\\": + \\\"http://localhost:8080/api/v2/tests/92/\\\", \\\"product_type\\\": {\\\"name\\\": \\\"ebooks\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/type/2\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/product_types/2/\\\"}, \\\"product\\\": {\\\"name\\\": \\\"Security How-to\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/2\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/products/2/\\\"}, \\\"engagement\\\": {\\\"name\\\": \\\"1st Quarter Engagement\\\", \\\"id\\\": 1, \\\"url_ui\\\": \\\"http://localhost:8080/engagement/1\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/engagements/1/\\\"}, - \\\"test\\\": {\\\"title\\\": null, \\\"id\\\": 95, \\\"url_ui\\\": \\\"http://localhost:8080/test/95\\\", - \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/95/\\\"}}\",\n \"files\": + \\\"test\\\": {\\\"title\\\": 
null, \\\"id\\\": 92, \\\"url_ui\\\": \\\"http://localhost:8080/test/92\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/92/\\\"}}\",\n \"files\": {},\n \"form\": {},\n \"json\": {\n \"description\": \"Event test_added has occurred.\",\n \"engagement\": {\n \"id\": 1,\n \"name\": \"1st Quarter Engagement\",\n \"url_api\": \"http://localhost:8080/api/v2/engagements/1/\",\n @@ -63,11 +63,11 @@ interactions: \ },\n \"product_type\": {\n \"id\": 2,\n \"name\": \"ebooks\",\n \ \"url_api\": \"http://localhost:8080/api/v2/product_types/2/\",\n \"url_ui\": \"http://localhost:8080/product/type/2\"\n },\n \"test\": {\n \"id\": - 95,\n \"title\": null,\n \"url_api\": \"http://localhost:8080/api/v2/tests/95/\",\n - \ \"url_ui\": \"http://localhost:8080/test/95\"\n },\n \"title\": + 92,\n \"title\": null,\n \"url_api\": \"http://localhost:8080/api/v2/tests/92/\",\n + \ \"url_ui\": \"http://localhost:8080/test/92\"\n },\n \"title\": \"Test created for Security How-to: 1st Quarter Engagement: NPM Audit Scan\",\n - \ \"url_api\": \"http://localhost:8080/api/v2/tests/95/\",\n \"url_ui\": - \"http://localhost:8080/test/95\",\n \"user\": null\n }\n}\n" + \ \"url_api\": \"http://localhost:8080/api/v2/tests/92/\",\n \"url_ui\": + \"http://localhost:8080/test/92\",\n \"user\": null\n }\n}\n" headers: Access-Control-Allow-Credentials: - 'true' @@ -76,7 +76,7 @@ interactions: Content-Type: - application/json; charset=utf-8 Date: - - Fri, 25 Jul 2025 19:02:56 GMT + - Tue, 04 Nov 2025 18:02:04 GMT Transfer-Encoding: - chunked status: 
@@ -85,32 +85,32 @@ interactions: - request: body: '{"description": "Event scan_added has occurred.", "title": "Created/Updated 5 findings for Security How-to: 1st Quarter Engagement: NPM Audit Scan", "user": - null, "url_ui": "http://localhost:8080/test/95", "url_api": "http://localhost:8080/api/v2/tests/95/", + null, "url_ui": "http://localhost:8080/test/92", "url_api": "http://localhost:8080/api/v2/tests/92/", "product_type": {"name": "ebooks", "id": 2, "url_ui": "http://localhost:8080/product/type/2", "url_api": "http://localhost:8080/api/v2/product_types/2/"}, "product": {"name": "Security How-to", "id": 2, "url_ui": "http://localhost:8080/product/2", "url_api": "http://localhost:8080/api/v2/products/2/"}, "engagement": {"name": "1st Quarter Engagement", "id": 1, "url_ui": "http://localhost:8080/engagement/1", "url_api": "http://localhost:8080/api/v2/engagements/1/"}, "test": {"title": null, "id": - 95, "url_ui": "http://localhost:8080/test/95", "url_api": "http://localhost:8080/api/v2/tests/95/"}, - "finding_count": 5, "findings": {"new": [{"id": 247, "title": "2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)", "severity": "High", "url_ui": "http://localhost:8080/finding/247", - "url_api": "http://localhost:8080/api/v2/findings/247/"}, {"id": 248, "title": + 92, "url_ui": "http://localhost:8080/test/92", "url_api": "http://localhost:8080/api/v2/tests/92/"}, + "finding_count": 5, "findings": {"new": [{"id": 235, "title": "2222Regular Expression + Denial of Service - (Negotiator, <= 0.6.0)", "severity": "High", "url_ui": "http://localhost:8080/finding/235", + "url_api": "http://localhost:8080/api/v2/findings/235/"}, {"id": 236, "title": "Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)", - "severity": "High", "url_ui": "http://localhost:8080/finding/248", 
"url_api": - "http://localhost:8080/api/v2/findings/248/"}, {"id": 246, "title": "Regular + "severity": "High", "url_ui": "http://localhost:8080/finding/236", "url_api": + "http://localhost:8080/api/v2/findings/236/"}, {"id": 234, "title": "Regular Expression Denial of Service - (Negotiator, <= 0.6.0)", "severity": "Medium", - "url_ui": "http://localhost:8080/finding/246", "url_api": "http://localhost:8080/api/v2/findings/246/"}, - {"id": 249, "title": "Regular Expression Denial of Service - (Fresh, < 0.5.2)", - "severity": "Medium", "url_ui": "http://localhost:8080/finding/249", "url_api": - "http://localhost:8080/api/v2/findings/249/"}, {"id": 250, "title": "2222Remote + "url_ui": "http://localhost:8080/finding/234", "url_api": "http://localhost:8080/api/v2/findings/234/"}, + {"id": 237, "title": "Regular Expression Denial of Service - (Fresh, < 0.5.2)", + "severity": "Medium", "url_ui": "http://localhost:8080/finding/237", "url_api": + "http://localhost:8080/api/v2/findings/237/"}, {"id": 238, "title": "2222Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)", - "severity": "Medium", "url_ui": "http://localhost:8080/finding/250", "url_api": - "http://localhost:8080/api/v2/findings/250/"}], "reactivated": [], "mitigated": + "severity": "Medium", "url_ui": "http://localhost:8080/finding/238", "url_api": + "http://localhost:8080/api/v2/findings/238/"}], "reactivated": [], "mitigated": [], "untouched": []}}' headers: Accept: @@ -126,7 +126,7 @@ interactions: Content-Type: - application/json User-Agent: - - DefectDojo-2.48.4 + - DefectDojo-2.52.0-dev X-DefectDojo-Event: - scan_added X-DefectDojo-Instance: 
@@ -140,82 +140,82 @@ interactions: [\n \"Token xxx\"\n ],\n \"Connection\": [\n \"keep-alive\"\n \ ],\n \"Content-Length\": [\n \"2373\"\n ],\n \"Content-Type\": [\n \"application/json\"\n ],\n \"Host\": [\n \"webhook.endpoint:8080\"\n - \ ],\n \"User-Agent\": [\n \"DefectDojo-2.48.4\"\n ],\n \"X-Defectdojo-Event\": + \ ],\n \"User-Agent\": [\n \"DefectDojo-2.52.0-dev\"\n ],\n \"X-Defectdojo-Event\": [\n \"scan_added\"\n ],\n \"X-Defectdojo-Instance\": [\n \"http://localhost:8080\"\n - \ ]\n },\n \"method\": \"POST\",\n \"origin\": \"10.250.1.7\",\n \"url\": + \ ]\n },\n \"method\": \"POST\",\n \"origin\": \"172.18.0.7\",\n \"url\": \"http://webhook.endpoint:8080/post\",\n \"data\": \"{\\\"description\\\": \\\"Event scan_added has occurred.\\\", \\\"title\\\": \\\"Created/Updated 5 findings for Security How-to: 1st Quarter Engagement: NPM Audit Scan\\\", - \\\"user\\\": null, \\\"url_ui\\\": \\\"http://localhost:8080/test/95\\\", - \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/95/\\\", \\\"product_type\\\": + \\\"user\\\": null, \\\"url_ui\\\": \\\"http://localhost:8080/test/92\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/92/\\\", \\\"product_type\\\": {\\\"name\\\": \\\"ebooks\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/type/2\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/product_types/2/\\\"}, \\\"product\\\": {\\\"name\\\": \\\"Security How-to\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/2\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/products/2/\\\"}, \\\"engagement\\\": {\\\"name\\\": \\\"1st Quarter Engagement\\\", \\\"id\\\": 1, \\\"url_ui\\\": \\\"http://localhost:8080/engagement/1\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/engagements/1/\\\"}, - \\\"test\\\": {\\\"title\\\": null, \\\"id\\\": 95, \\\"url_ui\\\": \\\"http://localhost:8080/test/95\\\", - \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/95/\\\"}, \\\"finding_count\\\": - 5, 
\\\"findings\\\": {\\\"new\\\": [{\\\"id\\\": 247, \\\"title\\\": \\\"2222Regular + \\\"test\\\": {\\\"title\\\": null, \\\"id\\\": 92, \\\"url_ui\\\": \\\"http://localhost:8080/test/92\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/92/\\\"}, \\\"finding_count\\\": + 5, \\\"findings\\\": {\\\"new\\\": [{\\\"id\\\": 235, \\\"title\\\": \\\"2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)\\\", \\\"severity\\\": - \\\"High\\\", \\\"url_ui\\\": \\\"http://localhost:8080/finding/247\\\", \\\"url_api\\\": - \\\"http://localhost:8080/api/v2/findings/247/\\\"}, {\\\"id\\\": 248, \\\"title\\\": + \\\"High\\\", \\\"url_ui\\\": \\\"http://localhost:8080/finding/235\\\", \\\"url_api\\\": + \\\"http://localhost:8080/api/v2/findings/235/\\\"}, {\\\"id\\\": 236, \\\"title\\\": \\\"Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)\\\", \\\"severity\\\": \\\"High\\\", \\\"url_ui\\\": - \\\"http://localhost:8080/finding/248\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/248/\\\"}, - {\\\"id\\\": 246, \\\"title\\\": \\\"Regular Expression Denial of Service + \\\"http://localhost:8080/finding/236\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/236/\\\"}, + {\\\"id\\\": 234, \\\"title\\\": \\\"Regular Expression Denial of Service - (Negotiator, <= 0.6.0)\\\", \\\"severity\\\": \\\"Medium\\\", \\\"url_ui\\\": - \\\"http://localhost:8080/finding/246\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/246/\\\"}, - {\\\"id\\\": 249, \\\"title\\\": \\\"Regular Expression Denial of Service + \\\"http://localhost:8080/finding/234\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/234/\\\"}, + {\\\"id\\\": 237, \\\"title\\\": \\\"Regular Expression Denial of Service - (Fresh, < 0.5.2)\\\", \\\"severity\\\": 
\\\"Medium\\\", \\\"url_ui\\\": - \\\"http://localhost:8080/finding/249\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/249/\\\"}, - {\\\"id\\\": 250, \\\"title\\\": \\\"2222Remote Code Execution - (Pg, < 2.11.2 + \\\"http://localhost:8080/finding/237\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/237/\\\"}, + {\\\"id\\\": 238, \\\"title\\\": \\\"2222Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)\\\", \\\"severity\\\": \\\"Medium\\\", - \\\"url_ui\\\": \\\"http://localhost:8080/finding/250\\\", \\\"url_api\\\": - \\\"http://localhost:8080/api/v2/findings/250/\\\"}], \\\"reactivated\\\": + \\\"url_ui\\\": \\\"http://localhost:8080/finding/238\\\", \\\"url_api\\\": + \\\"http://localhost:8080/api/v2/findings/238/\\\"}], \\\"reactivated\\\": [], \\\"mitigated\\\": [], \\\"untouched\\\": []}}\",\n \"files\": {},\n \ \"form\": {},\n \"json\": {\n \"description\": \"Event scan_added has occurred.\",\n \"engagement\": {\n \"id\": 1,\n \"name\": \"1st Quarter Engagement\",\n \"url_api\": \"http://localhost:8080/api/v2/engagements/1/\",\n \ \"url_ui\": \"http://localhost:8080/engagement/1\"\n },\n \"finding_count\": 5,\n \"findings\": {\n \"mitigated\": [],\n \"new\": [\n {\n - \ \"id\": 247,\n \"severity\": \"High\",\n \"title\": + \ \"id\": 235,\n \"severity\": \"High\",\n \"title\": \"2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)\",\n \"url_api\": - \"http://localhost:8080/api/v2/findings/247/\",\n \"url_ui\": \"http://localhost:8080/finding/247\"\n - \ },\n {\n \"id\": 248,\n \"severity\": \"High\",\n + \"http://localhost:8080/api/v2/findings/235/\",\n \"url_ui\": \"http://localhost:8080/finding/235\"\n + \ },\n {\n \"id\": 236,\n \"severity\": \"High\",\n \ \"title\": \"Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 
|| >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= - 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)\",\n \"url_api\": \"http://localhost:8080/api/v2/findings/248/\",\n - \ \"url_ui\": \"http://localhost:8080/finding/248\"\n },\n - \ {\n \"id\": 246,\n \"severity\": \"Medium\",\n \"title\": + 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)\",\n \"url_api\": \"http://localhost:8080/api/v2/findings/236/\",\n + \ \"url_ui\": \"http://localhost:8080/finding/236\"\n },\n + \ {\n \"id\": 234,\n \"severity\": \"Medium\",\n \"title\": \"Regular Expression Denial of Service - (Negotiator, <= 0.6.0)\",\n \"url_api\": - \"http://localhost:8080/api/v2/findings/246/\",\n \"url_ui\": \"http://localhost:8080/finding/246\"\n - \ },\n {\n \"id\": 249,\n \"severity\": \"Medium\",\n + \"http://localhost:8080/api/v2/findings/234/\",\n \"url_ui\": \"http://localhost:8080/finding/234\"\n + \ },\n {\n \"id\": 237,\n \"severity\": \"Medium\",\n \ \"title\": \"Regular Expression Denial of Service - (Fresh, < 0.5.2)\",\n - \ \"url_api\": \"http://localhost:8080/api/v2/findings/249/\",\n \"url_ui\": - \"http://localhost:8080/finding/249\"\n },\n {\n \"id\": - 250,\n \"severity\": \"Medium\",\n \"title\": \"2222Remote + \ \"url_api\": \"http://localhost:8080/api/v2/findings/237/\",\n \"url_ui\": + \"http://localhost:8080/finding/237\"\n },\n {\n \"id\": + 238,\n \"severity\": \"Medium\",\n \"title\": \"2222Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < - 7.1.2)\",\n \"url_api\": \"http://localhost:8080/api/v2/findings/250/\",\n - \ \"url_ui\": \"http://localhost:8080/finding/250\"\n }\n ],\n + 7.1.2)\",\n \"url_api\": \"http://localhost:8080/api/v2/findings/238/\",\n + \ \"url_ui\": \"http://localhost:8080/finding/238\"\n }\n ],\n \ 
\"reactivated\": [],\n \"untouched\": []\n },\n \"product\": {\n \"id\": 2,\n \"name\": \"Security How-to\",\n \"url_api\": \"http://localhost:8080/api/v2/products/2/\",\n \"url_ui\": \"http://localhost:8080/product/2\"\n \ },\n \"product_type\": {\n \"id\": 2,\n \"name\": \"ebooks\",\n \ \"url_api\": \"http://localhost:8080/api/v2/product_types/2/\",\n \"url_ui\": \"http://localhost:8080/product/type/2\"\n },\n \"test\": {\n \"id\": - 95,\n \"title\": null,\n \"url_api\": \"http://localhost:8080/api/v2/tests/95/\",\n - \ \"url_ui\": \"http://localhost:8080/test/95\"\n },\n \"title\": + 92,\n \"title\": null,\n \"url_api\": \"http://localhost:8080/api/v2/tests/92/\",\n + \ \"url_ui\": \"http://localhost:8080/test/92\"\n },\n \"title\": \"Created/Updated 5 findings for Security How-to: 1st Quarter Engagement: - NPM Audit Scan\",\n \"url_api\": \"http://localhost:8080/api/v2/tests/95/\",\n - \ \"url_ui\": \"http://localhost:8080/test/95\",\n \"user\": null\n }\n}\n" + NPM Audit Scan\",\n \"url_api\": \"http://localhost:8080/api/v2/tests/92/\",\n + \ \"url_ui\": \"http://localhost:8080/test/92\",\n \"user\": null\n }\n}\n" headers: Access-Control-Allow-Credentials: - 'true' @@ -224,7 +224,7 @@ interactions: Content-Type: - application/json; charset=utf-8 Date: - - Fri, 25 Jul 2025 19:02:56 GMT + - Tue, 04 Nov 2025 18:02:04 GMT Transfer-Encoding: - chunked status: 
@@ -244,17 +244,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:02:57.595+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:04.511+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 87e09610-cc06-4a8a-a197-0e9ce1263593 + - 84eb414d-a348-4388-8632-08caec20d928 Atl-Traceid: - - 87e09610cc064a8aa1970e9ce1263593 + - 84eb414da3484388863208caec20d928 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -264,7 +264,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:02:57 GMT + - Tue, 04 Nov 2025 18:02:04 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -274,7 +274,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=328,atl-edge;dur=323,atl-edge-internal;dur=14,atl-edge-upstream;dur=309,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="FQD4czgzlQ9F5YGvQGP7yj0lV5y5pAwBZB7XaNOg0qMzKGBIq2Xa3A==",cdn-downstream-fbl;dur=331 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=250,atl-edge;dur=227,atl-edge-internal;dur=13,atl-edge-upstream;dur=214,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="Gfcwv0to1yWDtbW7j2ULUXR1haCo_GCu4Cct8PTcUas_LkF20tC8eg==",cdn-downstream-fbl;dur=253 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -284,15 +284,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 902b6168cd46b8e2de576dabe4e7f0f8.cloudfront.net (CloudFront) + - 1.1 c11dc3a4786e038ddffb5e925a892302.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - FQD4czgzlQ9F5YGvQGP7yj0lV5y5pAwBZB7XaNOg0qMzKGBIq2Xa3A== + - Gfcwv0to1yWDtbW7j2ULUXR1haCo_GCu4Cct8PTcUas_LkF20tC8eg== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P3 X-Arequestid: - - c23d70909455da51af7da0dbd61404da + - ea35da2fcae8ee7faf589d20046347c8 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -316,7 +320,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -330,9 +334,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - b1a19c85-bff0-4945-b173-283a8bd53ba8 + - 74ad6563-7915-49c1-a310-525d8ad81ddf Atl-Traceid: - - b1a19c85bff04945b173283a8bd53ba8 + - 74ad6563791549c1a310525d8ad81ddf Cache-Control: - no-cache, no-store, no-transform Connection: @@ -342,7 +346,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:02:59 GMT + - Tue, 04 Nov 2025 18:02:05 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -352,7 +356,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=489,atl-edge;dur=486,atl-edge-internal;dur=15,atl-edge-upstream;dur=471,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="5-rw1PtU3FIpq8dtpbsC-bGhD0B43quh_X5uB7YTZ-RRZtD-ywLNvg==",cdn-downstream-fbl;dur=492 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=409,atl-edge;dur=387,atl-edge-internal;dur=17,atl-edge-upstream;dur=370,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="ERcuFkqXvhUWrBbjbx65xkdwuJ9CC7UCRONZbIMrGvFulq80JsAflg==",cdn-downstream-fbl;dur=414 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -362,18 +366,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 da84bd533f95bc21581ad9f33da5b73a.cloudfront.net (CloudFront) + - 1.1 d7b3fa0ef559ab3ac226fc78e47d311a.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 5-rw1PtU3FIpq8dtpbsC-bGhD0B43quh_X5uB7YTZ-RRZtD-ywLNvg== + - ERcuFkqXvhUWrBbjbx65xkdwuJ9CC7UCRONZbIMrGvFulq80JsAflg== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P1 X-Arequestid: - - af9afffbde195f59fc4dbedb0333868c + - 8320bc1f1ee4ae6b83bc30b3914118e0 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -387,20 +395,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified and + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -410,9 +418,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of - Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -432,21 +440,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3540' + - '3538' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: POST uri: https://defectdojo.atlassian.net/rest/api/2/issue response: body: - string: '{"id":"21268","key":"NTEST-3089","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268"}' + string: '{"id":"23615","key":"NTEST-3174","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615"}' headers: Atl-Request-Id: - - 78fb4eef-4458-4109-9bb0-df8773d2c147 + - fd86d71b-2e0b-414c-93bf-83227145a1f9 Atl-Traceid: - - 78fb4eef445841099bb0df8773d2c147 + - fd86d71b2e0b414c93bf83227145a1f9 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -454,7 +462,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:00 GMT + - Tue, 04 Nov 2025 18:02:06 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -464,7 +472,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=901,atl-edge;dur=895,atl-edge-internal;dur=15,atl-edge-upstream;dur=880,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P2",cdn-rid;desc="StrjBrHSWCvNqr8OI1ytGk1aPN-7X4_XoZKbH3j4tp7rA5CiR84NKw==",cdn-downstream-fbl;dur=904 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=854,atl-edge;dur=832,atl-edge-internal;dur=16,atl-edge-upstream;dur=815,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="f2xEZR96D6xpQ9OomNDKv3lfWsjZhVty-qF1wdICuCwfC0l5iO0TuQ==",cdn-downstream-fbl;dur=859 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -474,15 +482,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 4ec881b9cff95ab6b1f20a72ee8404c4.cloudfront.net (CloudFront) + - 1.1 96b078df4a5d96ad3cc52cfe9d984774.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - StrjBrHSWCvNqr8OI1ytGk1aPN-7X4_XoZKbH3j4tp7rA5CiR84NKw== + - f2xEZR96D6xpQ9OomNDKv3lfWsjZhVty-qF1wdICuCwfC0l5iO0TuQ== X-Amz-Cf-Pop: - - SYD3-P2 + - DEN52-P1 X-Arequestid: - - 9e58b841e389843ef81eb21c4222b6d5 + - 1ce41d39aece41fe84b44e5ce0cc8d06 + X-Beta-Ratelimit-Limit: + - '200' + X-Beta-Ratelimit-Remaining: + - '199' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -506,32 +518,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -541,9 +553,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
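Review bot: The re-recorded response body in this hunk stores the recording user's `emailAddress`, `displayName`, `accountId` and Gravatar hash under `creator` and `reporter`. The matching `X-Aaccountid` response header and the second GET interaction (the hunk starting at old line 620) carry the same values, so each re-record commits another person's identity data to the repository. Assuming the cassette is produced by vcrpy, scrub these at record time instead of by hand: add `filter_headers=["X-Aaccountid"]` and a `before_record_response` hook that overwrites those JSON fields with fixed placeholder values. Fixed placeholders would also keep later re-record diffs limited to fields the test actually depends on. The interaction entry this hunk belongs to starts outside the hunk, so the recorder configuration itself is not visible here.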
@@ -553,12 +565,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 688e55f3-3299-470b-9150-2d0dc672cc34 + - 96839452-3336-4f57-8765-9c56c75eeac2 Atl-Traceid: - - 688e55f33299470b91502d0dc672cc34 + - 9683945233364f5787659c56c75eeac2 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -568,7 +580,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:02 GMT + - Tue, 04 Nov 2025 18:02:06 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -578,7 +590,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=406,atl-edge;dur=404,atl-edge-internal;dur=15,atl-edge-upstream;dur=389,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="brH9xqsPkfS-JMNJkxvM4Eu8lhNhdl202zBRFUvZadcrq-TUP29tHA==",cdn-downstream-fbl;dur=410 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=280,atl-edge;dur=257,atl-edge-internal;dur=18,atl-edge-upstream;dur=240,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="0k39cfEPK8vpFSYLsBoMQwFrZviUH94jg3gHiPyLSBzhW3kDLCTrJg==",cdn-downstream-fbl;dur=284 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -588,15 +600,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront) + - 1.1 f6327093dd59f54131617ea3ab04bd94.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - brH9xqsPkfS-JMNJkxvM4Eu8lhNhdl202zBRFUvZadcrq-TUP29tHA== + - 0k39cfEPK8vpFSYLsBoMQwFrZviUH94jg3gHiPyLSBzhW3kDLCTrJg== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P2 X-Arequestid: - - e7edb0b415127803592cbc45a7e5a4b5 + - ec452c2a04c8d88d082d8c4db2d5cb8d + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -620,32 +636,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -655,9 +671,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -667,12 +683,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 1a96f827-aca4-410c-9d88-cb4b590df03f + - 698ab61c-4988-460f-a848-47aafb0030f7 Atl-Traceid: - - 1a96f827aca4410c9d88cb4b590df03f + - 698ab61c4988460fa84847aafb0030f7 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -682,7 +698,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:03 GMT + - Tue, 04 Nov 2025 18:02:06 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -692,7 +708,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=416,atl-edge;dur=414,atl-edge-internal;dur=15,atl-edge-upstream;dur=399,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="QYhhYlfMA88IBYFaanzvO1AzOkF3jK6afwEtjrUFo4rC49Y3yQSNuQ==",cdn-downstream-fbl;dur=420 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=401,atl-edge;dur=313,atl-edge-internal;dur=20,atl-edge-upstream;dur=292,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="vWi3EdHtOzg-Tp1ak4kNRPHt2UOn5LuhJDXy-eZFyqWiJUUWu76_Cw==",cdn-downstream-fbl;dur=406 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -702,15 +718,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront) + - 1.1 5a94950aa5895e56460f82b3086d0b0c.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - QYhhYlfMA88IBYFaanzvO1AzOkF3jK6afwEtjrUFo4rC49Y3yQSNuQ== + - vWi3EdHtOzg-Tp1ak4kNRPHt2UOn5LuhJDXy-eZFyqWiJUUWu76_Cw== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P1 X-Arequestid: - - 5d9509d79ab893f6881f5000dc38a104 + - 9ff91c9d4335bf63a04a9a6dd144022c + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -734,17 +754,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:04.581+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:07.222+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - ea32309e-c226-4a0d-b73a-d960e218569d + - 70955815-9d28-48cf-90e9-669e3d4bc0a7 Atl-Traceid: - - ea32309ec2264a0db73ad960e218569d + - 709558159d2848cf90e9669e3d4bc0a7 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -754,7 +774,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:04 GMT + - Tue, 04 Nov 2025 18:02:07 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -764,7 +784,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=325,atl-edge;dur=323,atl-edge-internal;dur=15,atl-edge-upstream;dur=308,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="iswaYNMh8YudWTH9CQuiAXVW5BQH16sonjXQLLCn_taBkBMCmwsSKw==",cdn-downstream-fbl;dur=329 + - cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="Qa9URLPaMa6ikMG2OW5Rg29O7Nnbx0ui3Bddg1weVHvUdq2vNauS9A==",cdn-downstream-fbl;dur=270,cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=67,cdn-upstream-fbl;dur=267,atl-edge;dur=176,atl-edge-internal;dur=20,atl-edge-upstream;dur=155,atl-edge-pop;desc="aws-us-west-2" Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -774,15 +794,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 74ae22067fef6f6228fb9f864f22f58a.cloudfront.net (CloudFront) + - 1.1 949f831c3bb70b840d7eecaeb220bbfa.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - iswaYNMh8YudWTH9CQuiAXVW5BQH16sonjXQLLCn_taBkBMCmwsSKw== + - Qa9URLPaMa6ikMG2OW5Rg29O7Nnbx0ui3Bddg1weVHvUdq2vNauS9A== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P3 X-Arequestid: - - e270fcc6792d3ffa51e7e8ad9e9c8d84 + - 42d62cd510d79b6ffb0403234017575a + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -806,32 +830,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -841,9 +865,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
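Review bot: The re-recorded issue response in this hunk commits a real user's `emailAddress`, `accountId`, `displayName` and Gravatar hash URLs in the `creator` and `reporter` objects. The header hunks at `@@ -702,15 +718,19 @@`, `@@ -774,15 +794,19 @@`, `@@ -888,15 +912,19 @@` and `@@ -960,15 +988,19 @@` commit the same account id in `X-Aaccountid`. None of these values appear to be needed for the replayed test to pass, so they could be replaced with placeholders at record time rather than changing with whoever re-records the cassette. The recorder configuration is not visible in this chunk, but with vcrpy the usual place is a response hook, e.g. `before_record_response=scrub_jira_identity` (hook name constructed here), which rewrites the user objects in the body and drops the `X-Aaccountid` header. vcrpy's `filter_headers` only covers request headers, so it would not remove this response header.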
@@ -853,12 +877,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - ae00100f-4d11-40e9-9932-15d9021e6759 + - fb011005-80a3-4d39-8537-813dddbd6615 Atl-Traceid: - - ae00100f4d1140e9993215d9021e6759 + - fb01100580a34d398537813dddbd6615 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -868,7 +892,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:06 GMT + - Tue, 04 Nov 2025 18:02:07 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -878,7 +902,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=420,atl-edge;dur=418,atl-edge-internal;dur=15,atl-edge-upstream;dur=403,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="bgetvlO4WpCinB-heDQIha0uuofhS5EorQlJE9ou15CELKr1QTCrjg==",cdn-downstream-fbl;dur=423 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=21,cdn-upstream-fbl;dur=419,atl-edge;dur=331,atl-edge-internal;dur=21,atl-edge-upstream;dur=308,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="8vx7EoxVuI99a62P5Tr9aCsgWdh7eUfOB7jOs-9OtyVtTB-tPqHKsQ==",cdn-downstream-fbl;dur=423 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -888,15 +912,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 aebce22763fb7e32a807cd494884a9b4.cloudfront.net (CloudFront) + - 1.1 05fe6f95b77eb54d0691950915c27264.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - bgetvlO4WpCinB-heDQIha0uuofhS5EorQlJE9ou15CELKr1QTCrjg== + - 8vx7EoxVuI99a62P5Tr9aCsgWdh7eUfOB7jOs-9OtyVtTB-tPqHKsQ== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN52-P2 X-Arequestid: - - b39c817f7c2df536c188eac2e9f8726c + - 0faee4be973ae5ac859f02e5d753201d + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -920,17 +948,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:07.128+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:08.101+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 537537da-de60-458a-ac4b-eeb5dfbdf818 + - 3e93b632-404f-4c97-8b5e-e53e89385eb3 Atl-Traceid: - - 537537dade60458aac4beeb5dfbdf818 + - 3e93b632404f4c978b5ee53e89385eb3 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -940,7 +968,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:07 GMT + - Tue, 04 Nov 2025 18:02:08 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -950,7 +978,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=326,atl-edge;dur=323,atl-edge-internal;dur=16,atl-edge-upstream;dur=307,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="SiwlZ_K47ZgS_TQfpdkxeGBcmidrzFLppMLZ1O6VQrZAeiJNt_i62w==",cdn-downstream-fbl;dur=329 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=202,atl-edge;dur=177,atl-edge-internal;dur=16,atl-edge-upstream;dur=162,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="etpLicu7TQewaNacytUJJrOszSnNNDLK7WvjA_YA-cV4iTRd1ndbdw==",cdn-downstream-fbl;dur=206 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -960,15 +988,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 490b2d87256587a734fcd39d5d6c7392.cloudfront.net (CloudFront) + - 1.1 ba437ea2340585e48bd8901315998164.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - SiwlZ_K47ZgS_TQfpdkxeGBcmidrzFLppMLZ1O6VQrZAeiJNt_i62w== + - etpLicu7TQewaNacytUJJrOszSnNNDLK7WvjA_YA-cV4iTRd1ndbdw== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P2 X-Arequestid: - - aabd7033d76f62ed7a5419ff8d04a289 + - c57807bdcb2be629f110daeee436bb9a + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -992,32 +1024,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -1027,9 +1059,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -1039,12 +1071,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 7702705d-9d33-4baf-9ece-59fc4749fcd1 + - acb193c1-a63a-4ad8-906e-c872eb0eafa9 Atl-Traceid: - - 7702705d9d334baf9ece59fc4749fcd1 + - acb193c1a63a4ad8906ec872eb0eafa9 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1054,7 +1086,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:08 GMT + - Tue, 04 Nov 2025 18:02:08 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1064,7 +1096,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=410,atl-edge;dur=409,atl-edge-internal;dur=15,atl-edge-upstream;dur=394,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="GjkZNDPUB0D2uY39X0UH-2FysELkAuiNFnN8WHIYURAWumMzxTwUbg==",cdn-downstream-fbl;dur=414 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=512,atl-edge;dur=420,atl-edge-internal;dur=17,atl-edge-upstream;dur=400,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="Cc5h3Hl1bFI6KVrRPSVLXFG78TNyB1Mo3IfEMiKwiVqQpwgL1ekbug==",cdn-downstream-fbl;dur=515 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1074,15 +1106,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 903696f43fdfc4019d7102b6711e9fca.cloudfront.net (CloudFront) + - 1.1 38eee5097e81ef860ba8d4b144d6ea36.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - GjkZNDPUB0D2uY39X0UH-2FysELkAuiNFnN8WHIYURAWumMzxTwUbg== + - Cc5h3Hl1bFI6KVrRPSVLXFG78TNyB1Mo3IfEMiKwiVqQpwgL1ekbug== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P2 X-Arequestid: - - 785d746ed3b15ff24479c5dd7c6bec74 + - dd075a25136f284c01fa591892a8c618 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '396' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -1106,7 +1142,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -1120,9 +1156,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - e1b066b2-c949-4acc-82ed-0c487d9ec2f4 + - 0b828255-2c3d-4429-b94f-a2a8529253f1 Atl-Traceid: - - e1b066b2c9494acc82ed0c487d9ec2f4 + - 0b8282552c3d4429b94fa2a8529253f1 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1132,7 +1168,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:09 GMT + - Tue, 04 Nov 2025 18:02:09 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -1142,7 +1178,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=476,atl-edge;dur=473,atl-edge-internal;dur=18,atl-edge-upstream;dur=456,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="igD7knl5DbuQ5ZfHiFTeeiisYeMlDdQOoONo6UI1z_cCPXBGylTEyA==",cdn-downstream-fbl;dur=480 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=456,atl-edge;dur=366,atl-edge-internal;dur=19,atl-edge-upstream;dur=346,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="SYgu4cfSX83fpR2L6ikLwZgVbmPxx8DWaN23u1pJ3jQkBs93fJ4rHQ==",cdn-downstream-fbl;dur=461 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -1152,18 +1188,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 0462a83c1b4a9fa5a2554db6feb3a19c.cloudfront.net (CloudFront) + - 1.1 89771419757f75b08f6c8fd411f8ef54.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - igD7knl5DbuQ5ZfHiFTeeiisYeMlDdQOoONo6UI1z_cCPXBGylTEyA== + - SYgu4cfSX83fpR2L6ikLwZgVbmPxx8DWaN23u1pJ3jQkBs93fJ4rHQ== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P1 X-Arequestid: - - 12b5a3b051873b10044beee8f7c093ae + - 946843fc13402b91740f85fc0d144693 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -1177,20 +1217,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified and + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -1200,9 +1240,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of - Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -1222,21 +1262,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3554' + - '3552' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - 64604dff-de45-4e77-bb48-a55ab83f3408 + - 1b62f2cc-df65-4434-b86c-65327d48692c Atl-Traceid: - - 64604dffde454e77bb48a55ab83f3408 + - 1b62f2ccdf654434b86c65327d48692c Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1244,7 +1284,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:11 GMT + - Tue, 04 Nov 2025 18:02:09 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -1254,7 +1294,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=489,atl-edge;dur=482,atl-edge-internal;dur=14,atl-edge-upstream;dur=468,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="JdwyDugc3eQLpH6fm9nCuvuWXXpt4CIzYCs20pxu0oTxfN6-JyUubQ==",cdn-downstream-fbl;dur=492 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=435,atl-edge;dur=409,atl-edge-internal;dur=17,atl-edge-upstream;dur=392,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="pkPSgUhZnEDVvSzTho9jSU3DkHyXp5Qk0olAlRnMksJcU_Wv0CL-3Q==",cdn-downstream-fbl;dur=439 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -1262,15 +1302,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 de78b5b2f4bbd9bb1abd6bed27a85d78.cloudfront.net (CloudFront) + - 1.1 708370555615eac6a25379c04fbdd8ea.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - JdwyDugc3eQLpH6fm9nCuvuWXXpt4CIzYCs20pxu0oTxfN6-JyUubQ== + - pkPSgUhZnEDVvSzTho9jSU3DkHyXp5Qk0olAlRnMksJcU_Wv0CL-3Q== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P3 X-Arequestid: - - 0e0fd4a41d509e65190567a369b3d2f8 + - be8eb4961a4102d8ade8937be8e4b8f6 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -1294,32 +1338,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -1329,9 +1373,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -1341,12 +1385,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - aeb3ebbc-ad55-4022-ac2e-78ea464a916a + - 4c02c32a-927c-46ac-b551-1ac15ac5f1bc Atl-Traceid: - - aeb3ebbcad554022ac2e78ea464a916a + - 4c02c32a927c46acb5511ac15ac5f1bc Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1356,7 +1400,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:13 GMT + - Tue, 04 Nov 2025 18:02:10 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1366,7 +1410,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=912,atl-edge;dur=910,atl-edge-internal;dur=14,atl-edge-upstream;dur=896,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="7XHZZP5H0xBAkolpWjvQ9kfqQYYIxMGSsdU4QP3U7K7g9fvkTSu2SA==",cdn-downstream-fbl;dur=916 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=307,atl-edge;dur=283,atl-edge-internal;dur=19,atl-edge-upstream;dur=263,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="limXlHkur7WkBoc__dXe5Z7lMUJXTEvbQsB-cjBcViHkB8Pnf9J2XA==",cdn-downstream-fbl;dur=310 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1376,15 +1420,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront) + - 1.1 76f2e1e449c547c66904d58101f10ea6.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 7XHZZP5H0xBAkolpWjvQ9kfqQYYIxMGSsdU4QP3U7K7g9fvkTSu2SA== + - limXlHkur7WkBoc__dXe5Z7lMUJXTEvbQsB-cjBcViHkB8Pnf9J2XA== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P2 X-Arequestid: - - 126a2cfadcb8fce8b755f69b40e68012 + - 531933026dbce014e7494f0296ce64df + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -1408,17 +1456,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:14.239+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:10.471+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 44087460-6f19-49f2-99b5-bde754b78559 + - 22ded4a6-f69f-47ef-ab07-3196ad878fb3 Atl-Traceid: - - 440874606f1949f299b5bde754b78559 + - 22ded4a6f69f47efab073196ad878fb3 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1428,7 +1476,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:14 GMT + - Tue, 04 Nov 2025 18:02:10 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1438,7 +1486,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=341,atl-edge;dur=339,atl-edge-internal;dur=13,atl-edge-upstream;dur=326,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="26edOcy7Kxo0DyMfI9EUcHRgupdK4HKkmjm2DohsqEoH7900YiC9ug==",cdn-downstream-fbl;dur=345 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=213,atl-edge;dur=190,atl-edge-internal;dur=17,atl-edge-upstream;dur=173,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="hreyU7MUxxAXKkDe_ZyotpsDIUFD2mCeMLKLsiI-g882Ythw-xmQJw==",cdn-downstream-fbl;dur=217 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1448,15 +1496,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 237cbfb8cde372b8f33bda5565e9b52c.cloudfront.net (CloudFront) + - 1.1 b86386058101394cf48b049b58f8d788.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 26edOcy7Kxo0DyMfI9EUcHRgupdK4HKkmjm2DohsqEoH7900YiC9ug== + - hreyU7MUxxAXKkDe_ZyotpsDIUFD2mCeMLKLsiI-g882Ythw-xmQJw== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P1 X-Arequestid: - - 4145c4e9c8c75a255f7163541629a4c0 + - 8402396b323202bf7f468f30dc19b8bc + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -1480,32 +1532,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -1515,9 +1567,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -1527,12 +1579,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 3da11bd3-a8aa-4b1e-961d-5d6a4ef1b8ad + - eb2e2e11-5982-4940-90a2-008f1c3c2118 Atl-Traceid: - - 3da11bd3a8aa4b1e961d5d6a4ef1b8ad + - eb2e2e115982494090a2008f1c3c2118 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1542,7 +1594,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:15 GMT + - Tue, 04 Nov 2025 18:02:10 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1552,7 +1604,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=408,atl-edge;dur=406,atl-edge-internal;dur=15,atl-edge-upstream;dur=391,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P2",cdn-rid;desc="GJ1_LXZe2jcn2sAWqNq6nOhGBiFv7Lwbp49upI5EyXAtmI0IR3hPzw==",cdn-downstream-fbl;dur=413 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=337,atl-edge;dur=314,atl-edge-internal;dur=33,atl-edge-upstream;dur=278,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="UTGgSNcbBEZ9gXBOrJFZpWjFi-FCeAaLxs0caWpPW2OScGY8fzkJrQ==",cdn-downstream-fbl;dur=341 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1562,15 +1614,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront) + - 1.1 77dfdef79344c95f75de8512042d4bac.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - GJ1_LXZe2jcn2sAWqNq6nOhGBiFv7Lwbp49upI5EyXAtmI0IR3hPzw== + - UTGgSNcbBEZ9gXBOrJFZpWjFi-FCeAaLxs0caWpPW2OScGY8fzkJrQ== X-Amz-Cf-Pop: - - SYD3-P2 + - DEN53-P1 X-Arequestid: - - 5d52321a767cb4de97d53a23c73f19ac + - 598e1c541f46b55e14ff1d61b301538f + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
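Review bot: The re-recorded response headers in this hunk commit the recording account's identifier under `X-Aaccountid`, and the issue bodies in the `/rest/api/2/issue/23615` hunks carry the same account's `accountId` and `emailAddress` for `creator` and `reporter`. The header hunks at -1634, -1748 and -1820 repeat the pattern. If these cassettes are recorded with vcrpy, scrubbing at record time would keep personal data out of the repository and shrink the churn on every re-record, for example dropping volatile headers such as `X-Aaccountid`, `X-Amz-Cf-Id` and `Atl-Traceid` in a `before_record_response` hook and replacing the user fields in the body with a fixed placeholder. Whether any test asserts on these values is not visible from the hunk, so confirm that before filtering.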
@@ -1594,17 +1650,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:16.721+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:11.127+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 385a7b5f-a896-46ea-861f-30162f3a67d7 + - 12aafee7-dbee-4176-9d25-3b5f6c24c890 Atl-Traceid: - - 385a7b5fa89646ea861f30162f3a67d7 + - 12aafee7dbee41769d253b5f6c24c890 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1614,7 +1670,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:16 GMT + - Tue, 04 Nov 2025 18:02:11 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1624,7 +1680,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=322,atl-edge;dur=320,atl-edge-internal;dur=13,atl-edge-upstream;dur=306,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="iGMFuHs3UcPPfcXVeuZOSQKlyIpjMb3IbpIngT6jpypm5nloql_PoA==",cdn-downstream-fbl;dur=325 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=208,atl-edge;dur=185,atl-edge-internal;dur=15,atl-edge-upstream;dur=168,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="_svgmad-2g87POgHOFQA_8eWqA5tfzydFB8_JkkOl9ux0Q-34y3OjA==",cdn-downstream-fbl;dur=211 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1634,15 +1690,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront) + - 1.1 b93403e5b15ed21bc6e80b8108e9d988.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - iGMFuHs3UcPPfcXVeuZOSQKlyIpjMb3IbpIngT6jpypm5nloql_PoA== + - _svgmad-2g87POgHOFQA_8eWqA5tfzydFB8_JkkOl9ux0Q-34y3OjA== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P3 X-Arequestid: - - d501984a1f5c179f63b570c8cff6aff9 + - 52936e1b6d5a4a947debcbeef38be0ea + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -1666,32 +1726,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -1701,9 +1761,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -1713,12 +1773,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 4d3525f2-cfba-40aa-8487-414ba066e229 + - bdb80fe7-822d-4055-8cf4-79b2a6a048ed Atl-Traceid: - - 4d3525f2cfba40aa8487414ba066e229 + - bdb80fe7822d40558cf479b2a6a048ed Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1728,7 +1788,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:18 GMT + - Tue, 04 Nov 2025 18:02:11 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1738,7 +1798,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=416,atl-edge;dur=414,atl-edge-internal;dur=15,atl-edge-upstream;dur=399,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="hVJwmez2KjuGpj1j-tmMhS0L_kAl6bMq7WZYKBvwWqG-8Ca55801Pw==",cdn-downstream-fbl;dur=421 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=306,atl-edge;dur=283,atl-edge-internal;dur=20,atl-edge-upstream;dur=263,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="bfc6kJYAadYp7um0y2GJYsSrrBUBQxPUIYhtfO4E9sEaAs36Ts9M_Q==",cdn-downstream-fbl;dur=310 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1748,15 +1808,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront) + - 1.1 66fbb9efab6146079af1497f336edf9e.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - hVJwmez2KjuGpj1j-tmMhS0L_kAl6bMq7WZYKBvwWqG-8Ca55801Pw== + - bfc6kJYAadYp7um0y2GJYsSrrBUBQxPUIYhtfO4E9sEaAs36Ts9M_Q== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P3 X-Arequestid: - - a7598c5300d79123926b88c4dab487ca + - 7d73a15af779a11b3d3b75d217ad163c + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -1780,17 +1844,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:19.275+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:12.083+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 1bd2d2c7-b0f5-4c28-a1ef-35147d370824 + - d0276e3b-06fb-4b2c-a97c-7cb59d11d3e1 Atl-Traceid: - - 1bd2d2c7b0f54c28a1ef35147d370824 + - d0276e3b06fb4b2ca97c7cb59d11d3e1 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1800,7 +1864,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:19 GMT + - Tue, 04 Nov 2025 18:02:12 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1810,7 +1874,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=321,atl-edge;dur=319,atl-edge-internal;dur=14,atl-edge-upstream;dur=306,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="-sdZnGVD8REvkTR7KNeUEeB4BSBZlEUUfHbgJ8sojFxoz8ZDK_-zIQ==",cdn-downstream-fbl;dur=326 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=21,cdn-upstream-fbl;dur=499,atl-edge;dur=410,atl-edge-internal;dur=19,atl-edge-upstream;dur=390,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="tIKRicT5RfAyIWF7PXHG8sRuaA_osVKZZ0KCu7taydD0uT0RLKQ94w==",cdn-downstream-fbl;dur=504 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1820,15 +1884,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront) + - 1.1 93a2323067b2c60f3b86c822765cf3d2.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - -sdZnGVD8REvkTR7KNeUEeB4BSBZlEUUfHbgJ8sojFxoz8ZDK_-zIQ== + - tIKRicT5RfAyIWF7PXHG8sRuaA_osVKZZ0KCu7taydD0uT0RLKQ94w== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P3 X-Arequestid: - - 8eb4360214015ef34f88a0734f4ab22b + - f805233f74018ed4e5cc5b5b7ad65133 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '347' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -1852,32 +1920,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -1887,9 +1955,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
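Review bot: The re-recorded issue response in the hunk at -1852 commits a real contributor's `emailAddress`, Atlassian `accountId` and Gravatar hash inside the `creator` and `reporter` objects. The `X-Aaccountid` response header in the neighbouring hunks repeats the same account id, and the issue body recorded again at -2154 carries the same fields. The layout looks like a vcrpy cassette (inferred from the `interactions:` structure); if so, a `before_record_response` hook could rewrite these values to fixed placeholders such as `"emailAddress":"redacted@example.invalid"` and a constant `X-Aaccountid` before the cassette is written. That would keep personal identifiers out of the repository history and stop every re-recording from producing diffs that only reflect who ran the tests. Volatile headers such as `Atl-Traceid`, `X-Amz-Cf-Id` and `Server-Timing` could be dropped in the same hook, since replay presumably does not depend on them.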
@@ -1899,12 +1967,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - a11e7b22-1506-4f68-b366-60cc50e7625f + - 59d3740d-9752-4be3-9634-0bd5846bc0b8 Atl-Traceid: - - a11e7b2215064f68b36660cc50e7625f + - 59d3740d97524be396340bd5846bc0b8 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1914,7 +1982,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:20 GMT + - Tue, 04 Nov 2025 18:02:12 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -1924,7 +1992,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=425,atl-edge;dur=422,atl-edge-internal;dur=16,atl-edge-upstream;dur=406,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="0y1t7sSdxZsdjd27ph58eUlxzNXWdCFkLtCrdFZ_v-nx2S-E-xO-ug==",cdn-downstream-fbl;dur=428 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=371,atl-edge;dur=282,atl-edge-internal;dur=18,atl-edge-upstream;dur=262,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="xFq9uPMG9CRshuqmTO_vuiDuItFsogLXAV-C2PAqci9nA2gcZl1uzw==",cdn-downstream-fbl;dur=375 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -1934,15 +2002,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 fbd92e37686376c632f471bbca198756.cloudfront.net (CloudFront) + - 1.1 3349382fe72101eee491170c132b7e3c.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 0y1t7sSdxZsdjd27ph58eUlxzNXWdCFkLtCrdFZ_v-nx2S-E-xO-ug== + - xFq9uPMG9CRshuqmTO_vuiDuItFsogLXAV-C2PAqci9nA2gcZl1uzw== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P2 X-Arequestid: - - 03cc010086db094fa891f5284c58be24 + - 9e2b1a834627751bcce4a3515ab37072 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -1966,7 +2038,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -1980,9 +2052,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - c09de42c-7ecc-4d01-ac0b-683f990b7128 + - cafbc97b-52fb-4e81-8877-4b260e9a9749 Atl-Traceid: - - c09de42c7ecc4d01ac0b683f990b7128 + - cafbc97b52fb4e8188774b260e9a9749 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -1992,7 +2064,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:22 GMT + - Tue, 04 Nov 2025 18:02:13 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -2002,7 +2074,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=476,atl-edge;dur=475,atl-edge-internal;dur=13,atl-edge-upstream;dur=461,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="mAL0n6QKIMQbz5GD_TXUITcWeJ7LVTa623bo2f3sl6Zz5LpxO_0Gkg==",cdn-downstream-fbl;dur=480 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=527,atl-edge;dur=437,atl-edge-internal;dur=18,atl-edge-upstream;dur=419,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="xkl-rAU1Om3tF4GT58NRciQiHy4DFZJFh_5kJ_JCDOCy8J_cqG6JGw==",cdn-downstream-fbl;dur=532 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -2012,18 +2084,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront) + - 1.1 73ad00d68a5eb9671b517ae19c83ae52.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - mAL0n6QKIMQbz5GD_TXUITcWeJ7LVTa623bo2f3sl6Zz5LpxO_0Gkg== + - xkl-rAU1Om3tF4GT58NRciQiHy4DFZJFh_5kJ_JCDOCy8J_cqG6JGw== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P3 X-Arequestid: - - 0f840bcf24ad92eeb2bf4feb169f09c8 + - e5e3222a3cfcd273504ab373d6c94703 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2037,20 +2113,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified and + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -2060,9 +2136,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of - Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -2082,21 +2158,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3554' + - '3552' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - b1780642-f400-40a0-bf64-e32312a96e7f + - 66d8b50b-2e60-4ae5-b631-8142958d28eb Atl-Traceid: - - b1780642f40040a0bf64e32312a96e7f + - 66d8b50b2e604ae5b6318142958d28eb Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2104,7 +2180,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:23 GMT + - Tue, 04 Nov 2025 18:02:13 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -2114,7 +2190,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=500,atl-edge;dur=499,atl-edge-internal;dur=14,atl-edge-upstream;dur=484,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="yHVc2YXatcUeiDtzFIRWHyZpAssPQTkkQ30rpbqixd68PfLs3Z-1Vw==",cdn-downstream-fbl;dur=505 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=393,atl-edge;dur=368,atl-edge-internal;dur=18,atl-edge-upstream;dur=350,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="EW4e3c6E25wWQjSlzbFn5GdaTZGWtIddAqyc4QfQFDZjmij7nH0Mkw==",cdn-downstream-fbl;dur=399 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -2122,15 +2198,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 c7cd0041811f30bfd9c4a00e82b6a3c8.cloudfront.net (CloudFront) + - 1.1 25c0c572fef0588285c0d89bc75071be.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - yHVc2YXatcUeiDtzFIRWHyZpAssPQTkkQ30rpbqixd68PfLs3Z-1Vw== + - EW4e3c6E25wWQjSlzbFn5GdaTZGWtIddAqyc4QfQFDZjmij7nH0Mkw== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P2 X-Arequestid: - - 346ddea5a2724d932e384246a0bd8cd1 + - dc66bb1bf21005c8f9d7345f28888df8 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2154,32 +2234,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -2189,9 +2269,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -2201,12 +2281,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 734a9b45-56be-4d2d-a7f2-6f4c8b0c4373 + - 0aa75647-dc46-4f8c-b999-89f1ed7950e2 Atl-Traceid: - - 734a9b4556be4d2da7f26f4c8b0c4373 + - 0aa75647dc464f8cb99989f1ed7950e2 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2216,7 +2296,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:24 GMT + - Tue, 04 Nov 2025 18:02:14 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -2226,7 +2306,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=409,atl-edge;dur=406,atl-edge-internal;dur=14,atl-edge-upstream;dur=392,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="qosadCarX-6YHbcDTlnseU0M5nyf0G-SQdZQ8Nxp8SKhlkSwGoZuwg==",cdn-downstream-fbl;dur=412 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=471,atl-edge;dur=380,atl-edge-internal;dur=21,atl-edge-upstream;dur=359,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="lDDyxIeawTp0JNd1mxgqAQPS9NWCu9LafnFb2EcPN0F-CjiiHxSTuQ==",cdn-downstream-fbl;dur=474 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -2236,15 +2316,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront) + - 1.1 c29cc996206d7483aa0efdd00191d936.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - qosadCarX-6YHbcDTlnseU0M5nyf0G-SQdZQ8Nxp8SKhlkSwGoZuwg== + - lDDyxIeawTp0JNd1mxgqAQPS9NWCu9LafnFb2EcPN0F-CjiiHxSTuQ== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P1 X-Arequestid: - - c13b6667dc3c1cba83a18bb106e14fd8 + - 20be13273370706533068faf479a6a7f + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2268,17 +2352,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:25.880+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:14.438+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - dc93a941-b162-4ad7-8444-a10a6e89dbe0 + - ff86994c-3756-404b-a894-11ee1fcd0b5a Atl-Traceid: - - dc93a941b1624ad78444a10a6e89dbe0 + - ff86994c3756404ba89411ee1fcd0b5a Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2288,7 +2372,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:26 GMT + - Tue, 04 Nov 2025 18:02:14 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -2298,7 +2382,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=316,atl-edge;dur=314,atl-edge-internal;dur=14,atl-edge-upstream;dur=300,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="eMnihDSSW0z_Y93Q4hhhyB3jTqdSZNrsEyZC72vswzNqcdEKikTlJA==",cdn-downstream-fbl;dur=319 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=197,atl-edge;dur=174,atl-edge-internal;dur=14,atl-edge-upstream;dur=160,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="AM7_bpFecKj_cGFzk9tVe6NWJqkc2v00rXUInWnZZmXlXFuJxy2uBQ==",cdn-downstream-fbl;dur=200 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -2308,15 +2392,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 e3b6a2cc8a3456f4a2dc3bfd506c4344.cloudfront.net (CloudFront) + - 1.1 0ecc9d4faf14441bafb84971a4117abc.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - eMnihDSSW0z_Y93Q4hhhyB3jTqdSZNrsEyZC72vswzNqcdEKikTlJA== + - AM7_bpFecKj_cGFzk9tVe6NWJqkc2v00rXUInWnZZmXlXFuJxy2uBQ== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P2 X-Arequestid: - - 5c6280e3c2d23adb4d779cea49403270 + - 33c13ab7c3c77c36ed590668cb5e2b5e + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2340,32 +2428,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -2375,9 +2463,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -2387,12 +2475,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - fcb574a4-8cf4-4875-a147-dfa682e4546e + - 9f81f68a-63bc-4ec4-ac0c-db8cda2b9aa4 Atl-Traceid: - - fcb574a48cf44875a147dfa682e4546e + - 9f81f68a63bc4ec4ac0cdb8cda2b9aa4 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2402,7 +2490,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:27 GMT + - Tue, 04 Nov 2025 18:02:14 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -2412,7 +2500,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=413,atl-edge;dur=411,atl-edge-internal;dur=17,atl-edge-upstream;dur=394,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="OD5dm0zurXC1ovFJVWDSjBg4Sb_DgnHJCnuYba2aJ04Op8BPaKjXvw==",cdn-downstream-fbl;dur=417 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=283,atl-edge;dur=260,atl-edge-internal;dur=17,atl-edge-upstream;dur=243,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="mxSqW12DlFC89a7I2k6p5GVBTzi_gzgElTc55OAe_yrDf0bJ7kNoRg==",cdn-downstream-fbl;dur=286 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -2422,15 +2510,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 2e2023905a055fb3a137d4ecfec97d0e.cloudfront.net (CloudFront) + - 1.1 e559b1049f75d818d7420cfc59459998.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - OD5dm0zurXC1ovFJVWDSjBg4Sb_DgnHJCnuYba2aJ04Op8BPaKjXvw== + - mxSqW12DlFC89a7I2k6p5GVBTzi_gzgElTc55OAe_yrDf0bJ7kNoRg== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN52-P3 X-Arequestid: - - c2d455820b036c618863764a91c098fc + - 5491a4ea21bc0e72852d4e8a1660e400 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2454,17 +2546,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:28.391+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:15.099+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - f6d0f9d2-4590-48bc-8152-5d72931592f5 + - ab5c19f2-16c2-4c4a-8bef-0e4bd5f0719a Atl-Traceid: - - f6d0f9d2459048bc81525d72931592f5 + - ab5c19f216c24c4a8bef0e4bd5f0719a Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2474,7 +2566,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:28 GMT + - Tue, 04 Nov 2025 18:02:15 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -2484,7 +2576,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=322,atl-edge;dur=320,atl-edge-internal;dur=15,atl-edge-upstream;dur=305,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P2",cdn-rid;desc="6V9qSafzz2JZ_5MC_TSdvZachXKXEleWpWPk-Kdyu4uHzuaj3_uwFg==",cdn-downstream-fbl;dur=325 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=205,atl-edge;dur=182,atl-edge-internal;dur=15,atl-edge-upstream;dur=167,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="_C-cobHnZPjJdN97SBe43TbJtulZGq1NoCA6tyYlc8P0Xx5m04PPog==",cdn-downstream-fbl;dur=211 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -2494,15 +2586,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront) + - 1.1 c4c8de00fdd2495cb82daf882e1daacc.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 6V9qSafzz2JZ_5MC_TSdvZachXKXEleWpWPk-Kdyu4uHzuaj3_uwFg== + - _C-cobHnZPjJdN97SBe43TbJtulZGq1NoCA6tyYlc8P0Xx5m04PPog== X-Amz-Cf-Pop: - - SYD3-P2 + - DEN52-P1 X-Arequestid: - - d0c31fec74eb6012ad421e1fd7220d86 + - ae16cde63bccd1666904484014632824 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2526,32 +2622,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:00.522+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:05.644+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -2561,9 +2657,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
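Review bot: The re-recorded response body in the hunk at `@@ -2526,32 +2622,32 @@` commits a real maintainer's Atlassian `accountId`, `emailAddress` and Gravatar avatar hash (the `creator` and `reporter` objects) into the cassette, and the `X-Aaccountid` response header repeats the same account id in the hunks at `@@ -2422,15 +2510,19 @@`, `@@ -2494,15 +2586,19 @@`, `@@ -2608,15 +2704,19 @@` and `@@ -2686,18 +2786,22 @@`. The old side held another user's equivalents, so the practice is not new, but every re-record swaps in whoever ran the tests and leaves the previous identifiers in git history. Assuming these cassettes are recorded with vcrpy, a `before_record_response` hook could replace the identity fields with fixed placeholders and drop the header, e.g. `response["headers"].pop("X-Aaccountid", None)`, provided the tests do not assert on those values. The recorded interaction this hunk belongs to starts and ends outside the hunk, so the request headers were not checked here.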
@@ -2573,12 +2669,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 281b6a44-f73b-4cd6-a2ab-14d397818fb5 + - 950d72e6-9fba-4ce9-a7c7-ebad308373e5 Atl-Traceid: - - 281b6a44f73b4cd6a2ab14d397818fb5 + - 950d72e69fba4ce9a7c7ebad308373e5 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2588,7 +2684,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:29 GMT + - Tue, 04 Nov 2025 18:02:15 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -2598,7 +2694,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=409,atl-edge;dur=407,atl-edge-internal;dur=16,atl-edge-upstream;dur=391,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="ndnWYuJlAkvSOtk796Qd4dgBoMMJCu-wWtTD8WRZKYp4Q82aUNNhDw==",cdn-downstream-fbl;dur=413 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=326,atl-edge;dur=301,atl-edge-internal;dur=19,atl-edge-upstream;dur=284,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="y419r0ZO3D26d1K3DbwKJsCpb5C912VYELwPgA699f-dvjXrAb96Zg==",cdn-downstream-fbl;dur=330 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -2608,15 +2704,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 fda8cdb1c5d1bc3e2d4cabe818dc8c5e.cloudfront.net (CloudFront) + - 1.1 befcfd7ee847a3c890471f27612dbcde.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - ndnWYuJlAkvSOtk796Qd4dgBoMMJCu-wWtTD8WRZKYp4Q82aUNNhDw== + - y419r0ZO3D26d1K3DbwKJsCpb5C912VYELwPgA699f-dvjXrAb96Zg== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN52-P2 X-Arequestid: - - d5c02579ee062455e12c375dc79414ac + - f4a8afa1f9023254d97fb72e5de75313 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -2640,7 +2740,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -2654,9 +2754,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - d5b1587d-7ace-418f-b294-0f1fe7f3df2d + - 4215d28c-ff83-4677-97e2-84339612aa0f Atl-Traceid: - - d5b1587d7ace418fb2940f1fe7f3df2d + - 4215d28cff83467797e284339612aa0f Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2666,7 +2766,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:31 GMT + - Tue, 04 Nov 2025 18:02:16 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -2676,7 +2776,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=488,atl-edge;dur=487,atl-edge-internal;dur=15,atl-edge-upstream;dur=471,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="Qsl1LryFgTTEhbX0fkWg4mVTCE-WFajBRreMA73pR1ry4AmrBdzRRA==",cdn-downstream-fbl;dur=493 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=419,atl-edge;dur=396,atl-edge-internal;dur=17,atl-edge-upstream;dur=380,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="KwMEjf_fhEUoSol06_7ER4Jy2ef0-xbJPj2H1m4kUSJwOGKrNei1wQ==",cdn-downstream-fbl;dur=423 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -2686,18 +2786,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront) + - 1.1 e1dbbcedf936fc7d0284466c9c65e78c.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - Qsl1LryFgTTEhbX0fkWg4mVTCE-WFajBRreMA73pR1ry4AmrBdzRRA== + - KwMEjf_fhEUoSol06_7ER4Jy2ef0-xbJPj2H1m4kUSJwOGKrNei1wQ== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P3 X-Arequestid: - - 79b57d98774ca76e8aed5132794cc751 + - 6daa4f5587e93f1590f81650f6519cb7 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2711,20 +2815,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* Medium\n *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* Medium\n *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -2734,9 +2838,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of - Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -2756,21 +2860,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3562' + - '3560' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - b9bc77b1-9d5a-4b61-bf23-5df81cfd6ad3 + - 07301fee-2f2c-4b77-a529-6cc8f69e956b Atl-Traceid: - - b9bc77b19d5a4b61bf235df81cfd6ad3 + - 07301fee2f2c4b77a5296cc8f69e956b Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2778,7 +2882,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:32 GMT + - Tue, 04 Nov 2025 18:02:16 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -2788,7 +2892,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=680,atl-edge;dur=677,atl-edge-internal;dur=14,atl-edge-upstream;dur=663,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="IAkFhJMfHqlEN9qXXNnM2cL6dJMnoRCVfLSdUTXO1DX952mRXR2upA==",cdn-downstream-fbl;dur=691 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=603,atl-edge;dur=579,atl-edge-internal;dur=20,atl-edge-upstream;dur=558,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="cMir0zB98cXT5Kw12uXTy0IGSFjprWY-1wH64dAXYQ43ndOTkAA_1A==",cdn-downstream-fbl;dur=608 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -2796,15 +2900,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 0cd8fe15d9bdb168de9cd5f22954d220.cloudfront.net (CloudFront) + - 1.1 6d3c3e0af3263a7b3c6878f2fa9bbff6.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - IAkFhJMfHqlEN9qXXNnM2cL6dJMnoRCVfLSdUTXO1DX952mRXR2upA== + - cMir0zB98cXT5Kw12uXTy0IGSFjprWY-1wH64dAXYQ43ndOTkAA_1A== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P1 X-Arequestid: - - 119612430dcd24c162b92685a4ec4318 + - 068a2f7c30152724a73a3fddd724dc51 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2828,32 +2936,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:32.402+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:16.604+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* Medium\n *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* Medium\n *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -2863,9 +2971,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -2875,12 +2983,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 4cf28357-92f9-4b5b-ab05-8d67338a38c5 + - 1c5583e2-783a-4932-84d0-937b91403c25 Atl-Traceid: - - 4cf2835792f94b5bab058d67338a38c5 + - 1c5583e2783a493284d0937b91403c25 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2890,7 +2998,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:34 GMT + - Tue, 04 Nov 2025 18:02:17 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -2900,7 +3008,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=402,atl-edge;dur=399,atl-edge-internal;dur=17,atl-edge-upstream;dur=382,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="ASfVHl7h8A7GaM9GiXANv7kdDV-O08KP2s3GB_jn4p4A8cSpZiVHCA==",cdn-downstream-fbl;dur=407 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=361,atl-edge;dur=339,atl-edge-internal;dur=19,atl-edge-upstream;dur=320,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="WWmdLWach6_EiC-NpRc-2C74nLCAvT44B6eeqQVngEMx87hrJ_bEig==",cdn-downstream-fbl;dur=365 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -2910,15 +3018,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront) + - 1.1 057707d7f80ca305efe5fad72e15b94c.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - ASfVHl7h8A7GaM9GiXANv7kdDV-O08KP2s3GB_jn4p4A8cSpZiVHCA== + - WWmdLWach6_EiC-NpRc-2C74nLCAvT44B6eeqQVngEMx87hrJ_bEig== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P3 X-Arequestid: - - 5fc80e61bbe0f7c058d67823d7f7c34d + - e0fe52aab773bd8dca6281eb92a39c6e + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -2942,17 +3054,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:35.110+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:17.647+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 76c7ea07-0390-47fd-a585-d383b1c3173f + - b0e4bd09-950b-4154-bfce-7a7a32a9b180 Atl-Traceid: - - 76c7ea07039047fda585d383b1c3173f + - b0e4bd09950b4154bfce7a7a32a9b180 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -2962,7 +3074,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:35 GMT + - Tue, 04 Nov 2025 18:02:17 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -2972,7 +3084,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=326,atl-edge;dur=324,atl-edge-internal;dur=15,atl-edge-upstream;dur=309,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="HzpdwHAqNA7_ms-Agdeqbpb1TubqGM3XTDUqlOvZlvwc3UhdLQy2Og==",cdn-downstream-fbl;dur=329 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=200,atl-edge;dur=176,atl-edge-internal;dur=15,atl-edge-upstream;dur=161,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="0teRSuD506uDmqmqcjG8litU-FyYD0nMf4Tmwo82TFEQhxcGoQJnvg==",cdn-downstream-fbl;dur=203 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -2982,15 +3094,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 053b1a4cfd9215b4abb8a58ea35b06aa.cloudfront.net (CloudFront) + - 1.1 153b67ebb1db442b5cea7f360e7f8cb6.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - HzpdwHAqNA7_ms-Agdeqbpb1TubqGM3XTDUqlOvZlvwc3UhdLQy2Og== + - 0teRSuD506uDmqmqcjG8litU-FyYD0nMf4Tmwo82TFEQhxcGoQJnvg== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P1 X-Arequestid: - - d024df9f5d8436ed832241235b603540 + - 01969eb5a814b88e679421007835b28b + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3014,32 +3130,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:32.402+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:16.604+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* Medium\n *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* Medium\n *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -3049,9 +3165,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
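Review bot: The re-recorded issue response in this hunk commits a maintainer's `emailAddress`, `accountId` and gravatar hash inside the `creator` and `reporter` objects, and the response-header hunks around it record the same account id as a bare `X-Aaccountid` value. The same body is recorded again for the later GET of this issue. The tests presumably do not assert on these fields, so they could be scrubbed at record time rather than stored in the repository. If the cassette is written by vcrpy, a `before_record_response` hook can replace the `emailAddress` and `accountId` values in the body and drop `X-Aaccountid` from the response headers. vcrpy's `filter_headers` would not help here, because it only covers request headers.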
@@ -3061,12 +3177,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - d73f340a-460e-47b9-877d-97bd949dd61e + - 9287b432-8a6b-477c-8bda-04e776059298 Atl-Traceid: - - d73f340a460e47b9877d97bd949dd61e + - 9287b4328a6b477c8bda04e776059298 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3076,7 +3192,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:36 GMT + - Tue, 04 Nov 2025 18:02:18 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3086,7 +3202,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=413,atl-edge;dur=411,atl-edge-internal;dur=14,atl-edge-upstream;dur=396,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="N7d577kMY-kZmHs3RLsrOTjA8Z3AVOQTKaI7nj8qwtTff7ckQJmL6w==",cdn-downstream-fbl;dur=417 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=295,atl-edge;dur=273,atl-edge-internal;dur=17,atl-edge-upstream;dur=256,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="65GVAZ5M-WBpYboVMCLB11ztgq_zYRtFNx8-GS5QyzpQSUTzHnWoow==",cdn-downstream-fbl;dur=299 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3096,15 +3212,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront) + - 1.1 f65dcddaf4d3d1ea834dd4e676c13038.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - N7d577kMY-kZmHs3RLsrOTjA8Z3AVOQTKaI7nj8qwtTff7ckQJmL6w== + - 65GVAZ5M-WBpYboVMCLB11ztgq_zYRtFNx8-GS5QyzpQSUTzHnWoow== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P3 X-Arequestid: - - ca98c1754bb20b5e9a7d2acd497c7900 + - 2b1c493d36a7239aa31e5f19ad106153 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3128,17 +3248,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:37.665+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:18.362+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - a6e38104-4223-48f8-a993-485c77f32d35 + - ac1ae67c-82d9-4511-8731-138bd4222dcc Atl-Traceid: - - a6e38104422348f8a993485c77f32d35 + - ac1ae67c82d945118731138bd4222dcc Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3148,7 +3268,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:37 GMT + - Tue, 04 Nov 2025 18:02:18 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3158,7 +3278,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=373,atl-edge;dur=369,atl-edge-internal;dur=15,atl-edge-upstream;dur=354,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="_Jve8zXBfmHLnliGyxhUuMlq3eXo0Xhn0iTEiJ3ej9Q-hZuN4A5XHw==",cdn-downstream-fbl;dur=376 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=218,atl-edge;dur=194,atl-edge-internal;dur=15,atl-edge-upstream;dur=180,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="rc_gvP98kUGw9hxGU9pInLW1FPSAWDWqz-ftLnBKKU-cIA5RCpeicQ==",cdn-downstream-fbl;dur=221 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3168,15 +3288,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 da84bd533f95bc21581ad9f33da5b73a.cloudfront.net (CloudFront) + - 1.1 f6327093dd59f54131617ea3ab04bd94.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - _Jve8zXBfmHLnliGyxhUuMlq3eXo0Xhn0iTEiJ3ej9Q-hZuN4A5XHw== + - rc_gvP98kUGw9hxGU9pInLW1FPSAWDWqz-ftLnBKKU-cIA5RCpeicQ== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P2 X-Arequestid: - - c5c92fc4a0e98ce1cb8ab3dd3fdc0933 + - 418bf4381df42086b99d13c11fe4f9c7 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3200,32 +3324,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:32.402+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:16.604+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/247]\n*Defect Dojo link:* http://localhost:8080/finding/247 - (247)\n*Severity:* Medium\n *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + 0.6.0)|http://localhost:8080/finding/235]\n*Defect Dojo link:* http://localhost:8080/finding/235 + (235)\n*Severity:* Medium\n *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -3235,9 +3359,9 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -3247,12 +3371,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 3e345e28-33ef-41dd-b4ed-715010730bbb + - ec0a253d-040d-4e9c-9c61-4ae4ce26fed0 Atl-Traceid: - - 3e345e2833ef41ddb4ed715010730bbb + - ec0a253d040d4e9c9c614ae4ce26fed0 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3262,7 +3386,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:39 GMT + - Tue, 04 Nov 2025 18:02:18 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3272,7 +3396,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=426,atl-edge;dur=424,atl-edge-internal;dur=14,atl-edge-upstream;dur=410,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="PmOe3DbnldohaOsROAx-DQdXjGCtN4Kok_Nvw3-MffoNNz4R7vdNXA==",cdn-downstream-fbl;dur=429 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=303,atl-edge;dur=279,atl-edge-internal;dur=19,atl-edge-upstream;dur=261,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="sVRnGfux1qMBn7xsr9Tp5lQdVbZ0wRttlilvS7nHJC3AVV8H54eMlA==",cdn-downstream-fbl;dur=307 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3282,15 +3406,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 0853add243e6eac9b8f74b5c74814a3e.cloudfront.net (CloudFront) + - 1.1 185338419e21d148fae1747402a58e8a.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - PmOe3DbnldohaOsROAx-DQdXjGCtN4Kok_Nvw3-MffoNNz4R7vdNXA== + - sVRnGfux1qMBn7xsr9Tp5lQdVbZ0wRttlilvS7nHJC3AVV8H54eMlA== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P2 X-Arequestid: - - 3b74253a001b091c756dcd5d15c9eb98 + - 570ff8977c1e34b277ab3e617c3ca059 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -3314,7 +3442,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
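Review bot: The re-recorded responses commit the recording user's Atlassian identity into the fixture: the `X-Aaccountid` response header in the `@@ -3282,15 +3406,19 @@` hunk now holds a bare account id, and the `creator`/`reporter` objects in the `@@ -3502,32 +3638,32 @@` response body carry `accountId`, `emailAddress` and a Gravatar hash. The other hunks that touch `X-Aaccountid` have the same issue. As far as these hunks show, none of those values is needed for replay, so I would scrub them at record time instead of checking them in. Assuming this is a vcrpy cassette, a `before_record_response` hook could drop `X-Aaccountid` and replace the user fields with placeholders such as `"emailAddress":"redacted@example.invalid"`. The same hook could drop the per-request headers (`Atl-Request-Id`, `Atl-Traceid`, `Server-Timing`, `X-Amz-Cf-Id`, `Date`), which would keep future re-records from rewriting every hunk and make a real change to the recorded traffic easier to spot in review.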
@@ -3328,9 +3456,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - 811d1bf6-d3f5-4256-bc9a-86e31901eaca + - eb57cbb0-3717-464b-9743-c8f0b21332e0 Atl-Traceid: - - 811d1bf6d3f54256bc9a86e31901eaca + - eb57cbb03717464b9743c8f0b21332e0 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3340,7 +3468,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:40 GMT + - Tue, 04 Nov 2025 18:02:19 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -3350,7 +3478,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=531,atl-edge;dur=526,atl-edge-internal;dur=15,atl-edge-upstream;dur=511,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="VuAizxz11RSDWEw7z1j4TZFiUjIYKfw5KU6RYAeQHwYnzmwAPUePng==",cdn-downstream-fbl;dur=535 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=429,atl-edge;dur=405,atl-edge-internal;dur=18,atl-edge-upstream;dur=388,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="ktsbO9_jiCfL6nXrqpAjiP0Gz8D_7mC5XD7hZOb5pd1MhIgm9FBKhA==",cdn-downstream-fbl;dur=432 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -3360,18 +3488,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront) + - 1.1 3349382fe72101eee491170c132b7e3c.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - VuAizxz11RSDWEw7z1j4TZFiUjIYKfw5KU6RYAeQHwYnzmwAPUePng== + - ktsbO9_jiCfL6nXrqpAjiP0Gz8D_7mC5XD7hZOb5pd1MhIgm9FBKhA== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P2 X-Arequestid: - - 03d46ba651a39a03447eddae9e874dc0 + - ac2fdf85b64a9d9775ca926a7b5f4813 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3385,20 +3517,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified and + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. - Findings\n\nh3. 
[Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Findings\n\nh3. [Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -3408,9 +3540,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -3430,21 +3562,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3554' + - '3552' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - 561a6c1c-a903-4bea-87ea-1b3168dae999 + - 01c257d5-582f-4338-bdde-5c54168925a8 Atl-Traceid: - - 561a6c1ca9034bea87ea1b3168dae999 + - 01c257d5582f4338bdde5c54168925a8 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3452,7 +3584,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:42 GMT + - Tue, 04 Nov 2025 18:02:20 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -3462,7 +3594,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=659,atl-edge;dur=656,atl-edge-internal;dur=15,atl-edge-upstream;dur=641,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="wcqI2BhGiZDp5UbhjFvIp4ccvUcd5nJbaxwQMDa9Ht3f1rr8PBxCsg==",cdn-downstream-fbl;dur=663 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=654,atl-edge;dur=628,atl-edge-internal;dur=15,atl-edge-upstream;dur=612,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="w4B8vupClB96Siy6jxa9ucvkK3W5UdOsKDg07yVvq_zx83zgAGYEgg==",cdn-downstream-fbl;dur=659 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -3470,15 +3602,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 a7a7ee092ee4b4df82064022cbdb7e94.cloudfront.net (CloudFront) + - 1.1 cb4937748c19bcccb40a5a5875f01552.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - wcqI2BhGiZDp5UbhjFvIp4ccvUcd5nJbaxwQMDa9Ht3f1rr8PBxCsg== + - w4B8vupClB96Siy6jxa9ucvkK3W5UdOsKDg07yVvq_zx83zgAGYEgg== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P1 X-Arequestid: - - c05cdd5aa9dd6cd71937593633bf314f + - fa67414b72a74c12a7c4312cc58d4056 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3502,32 +3638,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:41.751+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:19.903+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/246]\n*Defect Dojo link:* http://localhost:8080/finding/246 - (246)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + 0.6.0)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -3537,9 +3673,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -3549,12 +3685,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 520b0b01-3d1d-4e76-bac9-a4341333bfdf + - 4eb3c00f-29db-4e73-b451-0c56228484d2 Atl-Traceid: - - 520b0b013d1d4e76bac9a4341333bfdf + - 4eb3c00f29db4e73b4510c56228484d2 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3564,7 +3700,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:43 GMT + - Tue, 04 Nov 2025 18:02:20 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3574,7 +3710,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=417,atl-edge;dur=414,atl-edge-internal;dur=16,atl-edge-upstream;dur=399,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="hfme_rP70CvAFwiYqT120Zpm9lXaBTXBrMK-_M0qTVIeflYXH16XsA==",cdn-downstream-fbl;dur=420 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=262,atl-edge;dur=240,atl-edge-internal;dur=16,atl-edge-upstream;dur=222,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="lQgy1v4B9EumMwE8ljoo2-gymI-Ok4Jj2T81cBl4QjfvH3JqJ-SxOg==",cdn-downstream-fbl;dur=266 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3584,15 +3720,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 b39f0409e845bde1b97cd11f1d544d4e.cloudfront.net (CloudFront) + - 1.1 6767782218a3548f894151ef053fe67e.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - hfme_rP70CvAFwiYqT120Zpm9lXaBTXBrMK-_M0qTVIeflYXH16XsA== + - lQgy1v4B9EumMwE8ljoo2-gymI-Ok4Jj2T81cBl4QjfvH3JqJ-SxOg== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P3 X-Arequestid: - - 1fcc61942702b781825f188c2110ac38 + - 33707d82c635970cc166e449d3358406 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3616,17 +3756,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:44.435+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:20.777+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 1579fb0e-c930-4186-9a20-2fcfa46992b4 + - 74e18565-d099-4ad6-9d6b-d28d96bf8459 Atl-Traceid: - - 1579fb0ec93041869a202fcfa46992b4 + - 74e18565d0994ad69d6bd28d96bf8459 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3636,7 +3776,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:44 GMT + - Tue, 04 Nov 2025 18:02:20 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3646,7 +3786,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=325,atl-edge;dur=322,atl-edge-internal;dur=15,atl-edge-upstream;dur=308,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="G_x4owpeotz2XEZHgWs5Uuxqfo8-L7sWLOj77GX-fULEyslo5j9mUw==",cdn-downstream-fbl;dur=328 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=192,atl-edge;dur=169,atl-edge-internal;dur=16,atl-edge-upstream;dur=153,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="0TaBKfnLKtbgnXw2Qdtr1eDydCIKD399_fj8MNHlgv68MVYnsxmo2g==",cdn-downstream-fbl;dur=196 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3656,15 +3796,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 903696f43fdfc4019d7102b6711e9fca.cloudfront.net (CloudFront) + - 1.1 78848e87583c98ba04111361257adc96.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - G_x4owpeotz2XEZHgWs5Uuxqfo8-L7sWLOj77GX-fULEyslo5j9mUw== + - 0TaBKfnLKtbgnXw2Qdtr1eDydCIKD399_fj8MNHlgv68MVYnsxmo2g== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P3 X-Arequestid: - - 2160cf15d66b64c33bee611478065b84 + - 1c2d36b4f8924bdf469af152b9f32e38 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3688,32 +3832,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:41.751+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:19.903+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/246]\n*Defect Dojo link:* http://localhost:8080/finding/246 - (246)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + 0.6.0)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -3723,9 +3867,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
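Review bot: The re-recorded response body in this hunk commits the recording account's `emailAddress`, `accountId`, display name and Gravatar avatar URL in the `creator` and `reporter` objects, and the `X-Aaccountid` response header in the neighbouring header hunks (`@@ -3584`, `@@ -3656`, `@@ -3770`, `@@ -3842`) repeats the same account id. Each re-recording swaps one maintainer's identifiers for another's, which suggests the values are captured from the live tenant and not scrubbed at record time. I would redact these fields before the cassette is written, replacing them with fixed placeholders such as `"emailAddress":"redacted@example.invalid"` and `X-Aaccountid: - REDACTED`. If the cassettes are recorded with vcrpy, as the `interactions:` layout suggests, a `before_record_response` hook is the place to do it, and fixed placeholders would also shrink future re-recording diffs. The recorded interaction continues outside this hunk, and the later `@@ -3874` hunk carries the same fields.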
@@ -3735,12 +3879,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 43c93ab6-0229-4c54-883d-3741b96423ea + - cc51c816-6c4d-4b18-8e3f-fd5570bb454c Atl-Traceid: - - 43c93ab602294c54883d3741b96423ea + - cc51c8166c4d4b188e3ffd5570bb454c Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3750,7 +3894,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:45 GMT + - Tue, 04 Nov 2025 18:02:21 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3760,7 +3904,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=441,atl-edge;dur=439,atl-edge-internal;dur=13,atl-edge-upstream;dur=426,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="dpW_DMJy5zXyyt4NPw43_JNpI4HmIDQcboNeydV0l2omkjYF5DTswA==",cdn-downstream-fbl;dur=444 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=357,atl-edge;dur=265,atl-edge-internal;dur=22,atl-edge-upstream;dur=242,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="OT0tZjbdTj4Q0GhynMs_mtY29Pdgw1jVqZR7IEcz5I6qRaxLbhrV4w==",cdn-downstream-fbl;dur=362 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3770,15 +3914,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 48e2dac80dc53d66fef4721e63ea9f44.cloudfront.net (CloudFront) + - 1.1 fb583d18c6b0f24d4447146b294e4f68.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - dpW_DMJy5zXyyt4NPw43_JNpI4HmIDQcboNeydV0l2omkjYF5DTswA== + - OT0tZjbdTj4Q0GhynMs_mtY29Pdgw1jVqZR7IEcz5I6qRaxLbhrV4w== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P3 X-Arequestid: - - 10ba2168dedfdeb03a7f9aa0529f2b75 + - 5d83d2afbfce3bf3e5ae58b331faba05 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3802,17 +3950,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:46.924+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:21.464+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 21ffd869-6014-462c-b248-bd94e7c28edc + - 687b50ac-ec0e-44a3-9d58-fd99f66384fd Atl-Traceid: - - 21ffd8696014462cb248bd94e7c28edc + - 687b50acec0e44a39d58fd99f66384fd Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3822,7 +3970,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:47 GMT + - Tue, 04 Nov 2025 18:02:21 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3832,7 +3980,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=327,atl-edge;dur=322,atl-edge-internal;dur=13,atl-edge-upstream;dur=309,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P2",cdn-rid;desc="6VsfvgKWJhpxN4at5Turp7GDClyhwoRyEA__EpiMR-EXzYk60q8Iwg==",cdn-downstream-fbl;dur=330 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=197,atl-edge;dur=174,atl-edge-internal;dur=18,atl-edge-upstream;dur=156,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="ZQN2BfOEdAKhFoAt9OZ0N58efP6aofU9tNgPeSZvtwL-shLpVjX9HA==",cdn-downstream-fbl;dur=202 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3842,15 +3990,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 352b1001018ea123117ef28ad154f522.cloudfront.net (CloudFront) + - 1.1 2049902380178fd7b885115d80ccf966.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 6VsfvgKWJhpxN4at5Turp7GDClyhwoRyEA__EpiMR-EXzYk60q8Iwg== + - ZQN2BfOEdAKhFoAt9OZ0N58efP6aofU9tNgPeSZvtwL-shLpVjX9HA== X-Amz-Cf-Pop: - - SYD3-P2 + - DEN52-P3 X-Arequestid: - - f418272caccb8d2147c4d558674e736f + - 229239e5000d8dd0c8e8ba625cfd4704 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -3874,32 +4026,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:41.751+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:19.903+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/246]\n*Defect Dojo link:* http://localhost:8080/finding/246 - (246)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + 0.6.0)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -3909,9 +4061,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -3921,12 +4073,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 6722837c-e5b0-4f12-9444-5843ba718b6e + - 5faf540f-0924-41b3-ac00-52853f96beaf Atl-Traceid: - - 6722837ce5b04f1294445843ba718b6e + - 5faf540f092441b3ac0052853f96beaf Cache-Control: - no-cache, no-store, no-transform Connection: @@ -3936,7 +4088,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:48 GMT + - Tue, 04 Nov 2025 18:02:21 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -3946,7 +4098,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=413,atl-edge;dur=410,atl-edge-internal;dur=16,atl-edge-upstream;dur=394,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P2",cdn-rid;desc="ATzhvy2a-PIuET60o8koOVbNx986h8hTsk_fa4rrdZvH6l3XjslNyQ==",cdn-downstream-fbl;dur=416 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=266,atl-edge;dur=243,atl-edge-internal;dur=16,atl-edge-upstream;dur=225,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="rswtz3OxLDcQEuIK6ZW0R1GZW5YtX4c1Pl9HXjOlw_I9UYPPTcc9cg==",cdn-downstream-fbl;dur=269 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -3956,15 +4108,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 f5bc0d54a76b57b6f435f98d3e741ea4.cloudfront.net (CloudFront) + - 1.1 a0b647da77edd97cca88fb4c4b1a9d08.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - ATzhvy2a-PIuET60o8koOVbNx986h8hTsk_fa4rrdZvH6l3XjslNyQ== + - rswtz3OxLDcQEuIK6ZW0R1GZW5YtX4c1Pl9HXjOlw_I9UYPPTcc9cg== X-Amz-Cf-Pop: - - SYD3-P2 + - DEN52-P3 X-Arequestid: - - 31ba58eebd3eacf9ffc61b64f7de43df + - ee93271a45c760e65898abf3bb73720a + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
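Review bot: The re-recorded `X-Aaccountid` header in the hunk at -3956 commits the live Atlassian account id of whoever recorded the cassette, and the same applies to the hunks at -4028 and -4142. The response body in the hunk at -4060 also stores that person's `emailAddress`, `accountId` and gravatar hash in the `creator` and `reporter` objects. These values change on every re-record, and they put personal identifiers for a real Jira tenant into the repository. I would scrub them at record time so the cassette holds placeholders, for example `X-Aaccountid:` followed by `- REDACTED` and `"emailAddress":"redacted@example.com"`. The recording configuration is not part of this diff; if the cassette is written with vcrpy, a `before_record_response` hook is the usual place for the rewrite, after confirming that no test asserts on these fields.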
@@ -3988,17 +4144,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:49.396+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:22.089+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - a6890f7e-ebd3-472c-b471-7a08447f6050 + - 2822b0a1-2381-4898-adfc-01f5c6446f77 Atl-Traceid: - - a6890f7eebd3472cb4717a08447f6050 + - 2822b0a123814898adfc01f5c6446f77 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4008,7 +4164,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:49 GMT + - Tue, 04 Nov 2025 18:02:22 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -4018,7 +4174,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=319,atl-edge;dur=317,atl-edge-internal;dur=13,atl-edge-upstream;dur=304,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="tUeMqBFrnEb9pxvhpu_jLQVQCmhEf2omz7sdgnMT2BLkM0RoYD1Tlw==",cdn-downstream-fbl;dur=322 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=198,atl-edge;dur=173,atl-edge-internal;dur=15,atl-edge-upstream;dur=158,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="880lPGrOwzakRp5eLoiSlW4K6O4oM-JN4AyoHA53PKQ-8dHee9TXDA==",cdn-downstream-fbl;dur=203 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -4028,15 +4184,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 903696f43fdfc4019d7102b6711e9fca.cloudfront.net (CloudFront) + - 1.1 89771419757f75b08f6c8fd411f8ef54.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - tUeMqBFrnEb9pxvhpu_jLQVQCmhEf2omz7sdgnMT2BLkM0RoYD1Tlw== + - 880lPGrOwzakRp5eLoiSlW4K6O4oM-JN4AyoHA53PKQ-8dHee9TXDA== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P1 X-Arequestid: - - 3b4835ee692f5695f1710e5d47374cea + - 40bd4fa845184618839ea8aa67c1ae16 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '347' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4060,32 +4220,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:41.751+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:19.903+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/246]\n*Defect Dojo link:* http://localhost:8080/finding/246 - (246)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + 0.6.0)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -4095,9 +4255,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -4107,12 +4267,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 67c1370a-bc1a-4f55-9e71-b1b4b738051b + - 63abcc9a-dffc-4ece-a76c-e2f9d667fd10 Atl-Traceid: - - 67c1370abc1a4f559e71b1b4b738051b + - 63abcc9adffc4ecea76ce2f9d667fd10 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4122,7 +4282,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:50 GMT + - Tue, 04 Nov 2025 18:02:22 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -4132,7 +4292,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=434,atl-edge;dur=432,atl-edge-internal;dur=14,atl-edge-upstream;dur=419,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="ba8SHxFLLGg68-f76vSEtFAO7fQXb1Ov-0j6uDQVYtvLY0GugrpJpg==",cdn-downstream-fbl;dur=437 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=353,atl-edge;dur=330,atl-edge-internal;dur=17,atl-edge-upstream;dur=313,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="1pMJWHmN_3EOqCq9a4w_biaZxFl52ZvHu6VAv68O4h2BnwgMs5P2KQ==",cdn-downstream-fbl;dur=357 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -4142,15 +4302,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 e6e7ea42488c65b080113b45f9cdebb4.cloudfront.net (CloudFront) + - 1.1 94d9d221defc9832eeda31acd3f6f552.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - ba8SHxFLLGg68-f76vSEtFAO7fQXb1Ov-0j6uDQVYtvLY0GugrpJpg== + - 1pMJWHmN_3EOqCq9a4w_biaZxFl52ZvHu6VAv68O4h2BnwgMs5P2KQ== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P1 X-Arequestid: - - 400c59e18b45e8e3fa0002b2094c21c3 + - cfccbfc79ed740076668c127d4688744 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '396' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4174,17 +4338,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:51.948+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:22.814+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - c3602a7e-0a1b-4be5-b2c2-69c3d6a43cb5 + - eca1e81f-0a94-4a03-b9bd-4a93f6a84b6d Atl-Traceid: - - c3602a7e0a1b4be5b2c269c3d6a43cb5 + - eca1e81f0a944a03b9bd4a93f6a84b6d Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4194,7 +4358,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:52 GMT + - Tue, 04 Nov 2025 18:02:22 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -4204,7 +4368,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=319,atl-edge;dur=317,atl-edge-internal;dur=14,atl-edge-upstream;dur=304,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="1leZgygHib8gl1z5CDyOOHJ9-3vsXNMVV2fHg41qWYi7kg377pzVSw==",cdn-downstream-fbl;dur=322 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=193,atl-edge;dur=170,atl-edge-internal;dur=15,atl-edge-upstream;dur=155,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="jXY1uKBLKaT59_SDOMTLB73M4F2RM4inplIprXEu-_qK2TVwIN-VoA==",cdn-downstream-fbl;dur=197 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -4214,15 +4378,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront) + - 1.1 d18c8670421cff5c9fa297b260cb2814.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 1leZgygHib8gl1z5CDyOOHJ9-3vsXNMVV2fHg41qWYi7kg377pzVSw== + - jXY1uKBLKaT59_SDOMTLB73M4F2RM4inplIprXEu-_qK2TVwIN-VoA== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P2 X-Arequestid: - - 6dfbd41566df0c1f41a7ac92e2e042e5 + - 5f9fc9cf6d353db1070c2ce65d6ee085 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '346' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4246,32 +4414,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:41.751+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:19.903+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of Service - (Negotiator, <= - 0.6.0)|http://localhost:8080/finding/246]\n*Defect Dojo link:* http://localhost:8080/finding/246 - (246)\n*Severity:* High\n *Due Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + 0.6.0)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -4281,9 +4449,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
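Review bot: The re-recorded response body in this hunk commits a real user's `emailAddress`, `accountId` and gravatar hash in the `creator` and `reporter` objects. The `X-Aaccountid` response header in the surrounding header hunks repeats the same account ID, and the removed lines show the previous recording had the same problem with a different user. Nothing in the visible hunks suggests the tests read these values, so they can be scrubbed at record time rather than by hand. If the cassette is recorded with vcrpy, a `before_record_response` callback can rewrite them to fixed placeholders (for example `"emailAddress":"user@example.invalid"`, a constructed value) and drop `X-Aaccountid`. That keeps future re-recordings from leaking whichever maintainer's account was used, and also shrinks the diff noise on each refresh.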
@@ -4293,12 +4461,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 41b67b2c-b626-40ba-bac9-fc39a923c7d3 + - e29016e5-2b61-4ad7-a841-5c6f1ffa5b88 Atl-Traceid: - - 41b67b2cb62640babac9fc39a923c7d3 + - e29016e52b614ad7a8415c6f1ffa5b88 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4308,7 +4476,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:53 GMT + - Tue, 04 Nov 2025 18:02:23 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -4318,7 +4486,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=425,atl-edge;dur=421,atl-edge-internal;dur=17,atl-edge-upstream;dur=405,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="mE9B1enCL4xDj7R0IVSyX8q5udCQXBNF6LcKss-beW4OL4H27GsliA==",cdn-downstream-fbl;dur=429 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=312,atl-edge;dur=289,atl-edge-internal;dur=16,atl-edge-upstream;dur=273,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="IpfW2dTSUI44CfpFjY1wyc7RmTVxoEJqC6LoedNzO-mwplIp053yaQ==",cdn-downstream-fbl;dur=315 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -4328,15 +4496,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront) + - 1.1 51185e40453f61916e037fc6db50766c.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - mE9B1enCL4xDj7R0IVSyX8q5udCQXBNF6LcKss-beW4OL4H27GsliA== + - IpfW2dTSUI44CfpFjY1wyc7RmTVxoEJqC6LoedNzO-mwplIp053yaQ== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P3 X-Arequestid: - - 90e17906990c9815bb48ab4bc10d85d1 + - d81f8e468ee18767472c4e7e01b201f8 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '395' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -4360,7 +4532,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -4374,9 +4546,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - d83ee3b5-0e28-4302-bf88-5613d4394d37 + - 5f1f2d03-c16d-4955-a9f5-4c05b2bc082c Atl-Traceid: - - d83ee3b50e284302bf885613d4394d37 + - 5f1f2d03c16d4955a9f54c05b2bc082c Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4386,7 +4558,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:54 GMT + - Tue, 04 Nov 2025 18:02:23 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -4396,7 +4568,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=479,atl-edge;dur=477,atl-edge-internal;dur=13,atl-edge-upstream;dur=464,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="0zxbWx8U8wpUOxVPbZrapT0HeMgiYdixZLbFdFbbNw99yS9k0gFVBA==",cdn-downstream-fbl;dur=483 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=358,atl-edge;dur=335,atl-edge-internal;dur=22,atl-edge-upstream;dur=313,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="sM8fwxHxq_B2PqZMcjrcgbC-5sLYKRyH70Ul5GaznVzvbdt2dz9IcQ==",cdn-downstream-fbl;dur=361 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -4406,18 +4578,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 3d26345933183b6a437e0f8ba3c37df8.cloudfront.net (CloudFront) + - 1.1 20c46424adb033d4de178e11a807b304.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 0zxbWx8U8wpUOxVPbZrapT0HeMgiYdixZLbFdFbbNw99yS9k0gFVBA== + - sM8fwxHxq_B2PqZMcjrcgbC-5sLYKRyH70Ul5GaznVzvbdt2dz9IcQ== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P3 X-Arequestid: - - 04a7e67904697814c3760461514ade57 + - 804a816c21eaf24300509ecb38dd5507 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4431,20 +4607,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified and + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -4454,9 +4630,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -4476,21 +4652,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3569' + - '3567' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - ecfcbc75-5a1b-410e-a23a-18d82872f5d2 + - 5e4a76c4-2c55-4756-87d4-5a8ec9255775 Atl-Traceid: - - ecfcbc755a1b410ea23a18d82872f5d2 + - 5e4a76c42c55475687d45a8ec9255775 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4498,7 +4674,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:56 GMT + - Tue, 04 Nov 2025 18:02:24 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -4508,7 +4684,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=732,atl-edge;dur=730,atl-edge-internal;dur=16,atl-edge-upstream;dur=714,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="6eZjj8HHRI2CyzlN7EW3aehpZQ8tzNLRyr4Qi7SjFqGSlVGNRC7o3A==",cdn-downstream-fbl;dur=737 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=686,atl-edge;dur=596,atl-edge-internal;dur=16,atl-edge-upstream;dur=578,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="s55Hg-FMAK2BF6raSImonxHF7Q-u10K4gbf3AIrmmqLoiP57cVpeBw==",cdn-downstream-fbl;dur=691 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -4516,15 +4692,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 0cd8fe15d9bdb168de9cd5f22954d220.cloudfront.net (CloudFront) + - 1.1 c3ec3fa9c5962899febb10c3fdc31872.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 6eZjj8HHRI2CyzlN7EW3aehpZQ8tzNLRyr4Qi7SjFqGSlVGNRC7o3A== + - s55Hg-FMAK2BF6raSImonxHF7Q-u10K4gbf3AIrmmqLoiP57cVpeBw== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P2 X-Arequestid: - - 533fd9f775e98c2345237cd9426193ea + - 5bebbc7c18cad54fcbfa61b0fdbd2e6c + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4548,32 +4728,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:56.046+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:24.236+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -4583,9 +4763,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -4595,12 +4775,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 8400f199-65b4-414f-baf7-5592054c1f69 + - e8dfb429-82a2-4913-9676-ef1e7db01c69 Atl-Traceid: - - 8400f19965b4414fbaf75592054c1f69 + - e8dfb42982a249139676ef1e7db01c69 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4610,7 +4790,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:57 GMT + - Tue, 04 Nov 2025 18:02:24 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -4620,7 +4800,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=432,atl-edge;dur=430,atl-edge-internal;dur=18,atl-edge-upstream;dur=412,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="_XrlV-yHHkh4t90-abrrrC91x0ByE5UYpCCNLNxWjgQpS9F1S8-0fw==",cdn-downstream-fbl;dur=436 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=270,atl-edge;dur=248,atl-edge-internal;dur=16,atl-edge-upstream;dur=232,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="VeqylHLio8CVvKGruHDMtmZCr3l4kgov2bpTNSYfujEf59PJohGSsw==",cdn-downstream-fbl;dur=274 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -4630,15 +4810,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 9d6e86f5b232838ca6f2f480892525b2.cloudfront.net (CloudFront) + - 1.1 91ce9b89afcd32f5bca16bfe69ee21c2.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - _XrlV-yHHkh4t90-abrrrC91x0ByE5UYpCCNLNxWjgQpS9F1S8-0fw== + - VeqylHLio8CVvKGruHDMtmZCr3l4kgov2bpTNSYfujEf59PJohGSsw== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P1 X-Arequestid: - - d7afb007393d480cd76e8a7abe2f52e6 + - 76316377dd541fb74e21401d0a8d2bd3 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4662,17 +4846,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:03:58.831+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:25.203+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - edbdf0e2-3afa-4a0e-8ea0-dc5e12540981 + - 1f4b4c5f-4bcb-4864-a104-5aa50bd85c8c Atl-Traceid: - - edbdf0e23afa4a0e8ea0dc5e12540981 + - 1f4b4c5f4bcb4864a1045aa50bd85c8c Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4682,7 +4866,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:03:58 GMT + - Tue, 04 Nov 2025 18:02:25 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -4692,7 +4876,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=335,atl-edge;dur=332,atl-edge-internal;dur=14,atl-edge-upstream;dur=319,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="R7I2-fTcaCkqcqWE3EQ-vg-SHcF1ZsnBxxwm72QbrNkfPRDS6yX0mw==",cdn-downstream-fbl;dur=339 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=273,atl-edge;dur=183,atl-edge-internal;dur=24,atl-edge-upstream;dur=159,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="fQ4bGgNUnmCBFvheKbWLDsUu5bAKJXPxyMzSK10OAVYU3vjbriNIQg==",cdn-downstream-fbl;dur=277 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -4702,15 +4886,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront) + - 1.1 16d72e0791ff01fc4470d27fc024527a.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - R7I2-fTcaCkqcqWE3EQ-vg-SHcF1ZsnBxxwm72QbrNkfPRDS6yX0mw== + - fQ4bGgNUnmCBFvheKbWLDsUu5bAKJXPxyMzSK10OAVYU3vjbriNIQg== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P2 X-Arequestid: - - f7c14dd99f240affc87e565dd2c73000 + - 02d48cf190374fc86b16af4accf371d7 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4734,32 +4922,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:03:56.046+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:24.236+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -4769,9 +4957,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -4781,12 +4969,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 7ba6e8f0-3034-4de2-a3fc-4b9be3127dd7 + - 701ffec8-07e8-4cc8-beaa-e7589f2d4d84 Atl-Traceid: - - 7ba6e8f030344de2a3fc4b9be3127dd7 + - 701ffec807e84cc8beaae7589f2d4d84 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4796,7 +4984,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:00 GMT + - Tue, 04 Nov 2025 18:02:26 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -4806,7 +4994,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=426,atl-edge;dur=424,atl-edge-internal;dur=15,atl-edge-upstream;dur=409,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="3ptf39W8aQ8CanFBzy2Lu86HgdWEOyIXufUrQ6v0rkaARx_8x9ibYw==",cdn-downstream-fbl;dur=430 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=756,atl-edge;dur=668,atl-edge-internal;dur=23,atl-edge-upstream;dur=645,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="mIK4SyiIdDVu6RGtG5tCHeQAmcJu0xKZFMg_GJeDO6EtdP5G5CHN4g==",cdn-downstream-fbl;dur=761 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -4816,15 +5004,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 0c5c9092233f69156c68308fd823bd58.cloudfront.net (CloudFront) + - 1.1 cb4937748c19bcccb40a5a5875f01552.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 3ptf39W8aQ8CanFBzy2Lu86HgdWEOyIXufUrQ6v0rkaARx_8x9ibYw== + - mIK4SyiIdDVu6RGtG5tCHeQAmcJu0xKZFMg_GJeDO6EtdP5G5CHN4g== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P1 X-Arequestid: - - 4753419605d52bfc27fc8ada048a982b + - 46b14ce616c15f26c99f15f0242f139c + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -4848,7 +5040,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
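Review bot: The re-recorded responses keep the recording account's identifiers in the fixture. In the hunk at -4816,15 +5004,19 the `X-Aaccountid` response header now carries a bare account id, and the issue bodies elsewhere in this file embed the same id alongside an `emailAddress` and avatar hash for `creator` and `reporter`. The same header value recurs in the hunks at -4894, -5004 and -5118. Replay does not appear to depend on these values, so they could be scrubbed at record time, assuming the cassette is recorded with vcrpy (the recording setup is not visible in this diff). A `before_record_response` hook could drop `X-Aaccountid` and replace the `accountId`/`emailAddress` fields in the body with placeholders such as `"accountId": "REDACTED"`.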
@@ -4862,9 +5054,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - 97ab9ab6-d19e-4ac7-b453-146d97f06c52 + - 91123068-c739-49f8-9735-4d8165d59ba2 Atl-Traceid: - - 97ab9ab6d19e4ac7b453146d97f06c52 + - 91123068c73949f897354d8165d59ba2 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4874,7 +5066,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:01 GMT + - Tue, 04 Nov 2025 18:02:26 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -4884,7 +5076,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=470,atl-edge;dur=468,atl-edge-internal;dur=15,atl-edge-upstream;dur=453,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="_Vp4IkTlUNjXH0oEbgyJNr1O1cneAfJRNFyFLEDZKHTOrvemZEiWzw==",cdn-downstream-fbl;dur=473 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=485,atl-edge;dur=396,atl-edge-internal;dur=20,atl-edge-upstream;dur=372,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="AqvsB_y8_rvzry1Pzab-nQYaNJe4pKSotehyV8aHE6qs8lQ9BvMbFw==",cdn-downstream-fbl;dur=488 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -4894,18 +5086,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront) + - 1.1 64544648f8289d0bd61ef02997afb698.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - _Vp4IkTlUNjXH0oEbgyJNr1O1cneAfJRNFyFLEDZKHTOrvemZEiWzw== + - AqvsB_y8_rvzry1Pzab-nQYaNJe4pKSotehyV8aHE6qs8lQ9BvMbFw== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P3 X-Arequestid: - - f6b39322e36636c1db22f112e9b7eb5f + - 73c1cc123a70221112e623f422cf6a61 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -4919,20 +5115,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* High *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -4942,9 +5138,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -4964,21 +5160,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3573' + - '3572' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - c89b407d-62f7-44e5-9f97-cd514707b0a9 + - 6c0835c8-c46a-47af-b2d1-529803d3187e Atl-Traceid: - - c89b407d62f744e59f97cd514707b0a9 + - 6c0835c8c46a47afb2d1529803d3187e Cache-Control: - no-cache, no-store, no-transform Connection: @@ -4986,7 +5182,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:03 GMT + - Tue, 04 Nov 2025 18:02:27 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -4996,7 +5192,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="bP-G37a89SS3vjOU-NS0RT7kzB5Jh3FQ1PgcMmUfcPSQHKFgNHB5cw==",cdn-downstream-fbl;dur=748,cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=3,cdn-upstream-fbl;dur=745,atl-edge;dur=739,atl-edge-internal;dur=15,atl-edge-upstream;dur=724,atl-edge-pop;desc="aws-ap-southeast-2" + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=655,atl-edge;dur=631,atl-edge-internal;dur=15,atl-edge-upstream;dur=616,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="M8BsbPNg6JPvGWu1PlT0Pyv6lVgFrE9URhwnN215kPDxeDUhmL4KDA==",cdn-downstream-fbl;dur=659 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -5004,15 +5200,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 d3f1182213e75f053a9e7404f079d540.cloudfront.net (CloudFront) + - 1.1 db94b8e3e5f45aab1e90db086a8debc0.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - bP-G37a89SS3vjOU-NS0RT7kzB5Jh3FQ1PgcMmUfcPSQHKFgNHB5cw== + - M8BsbPNg6JPvGWu1PlT0Pyv6lVgFrE9URhwnN215kPDxeDUhmL4KDA== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P3 X-Arequestid: - - 3a4456a163ee6352652f931468a4b203 + - f90b26e068979b5ae9420c34a55ad1d0 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5036,32 +5236,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:03:00.767+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:05.858+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:02.884+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:27.082+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* High *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -5071,9 +5271,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -5083,12 +5283,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 81400ede-dfb8-4fff-bf59-8375f44b68f1 + - 4eae537c-d355-44a8-8f77-be67905c5cf4 Atl-Traceid: - - 81400ededfb84fffbf598375f44b68f1 + - 4eae537cd35544a88f77be67905c5cf4 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5098,7 +5298,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:04 GMT + - Tue, 04 Nov 2025 18:02:27 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -5108,7 +5308,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=418,atl-edge;dur=415,atl-edge-internal;dur=16,atl-edge-upstream;dur=400,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="7vGXiscnEnA9waYEk87A_4bEN7CAGHgDHCurc6g7SeM_ivZYLEGnjQ==",cdn-downstream-fbl;dur=421 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=340,atl-edge;dur=317,atl-edge-internal;dur=16,atl-edge-upstream;dur=301,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="NPfl8EGZ9a4ePeNO1bYPwYn4tU5OA3NXHpVl7w9WDJvJaHGH_OnJKQ==",cdn-downstream-fbl;dur=344 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -5118,15 +5318,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 8ccca629f0b1ca48e2e69a056f61f9a6.cloudfront.net (CloudFront) + - 1.1 f0a2a95cb4d25b2414a9c1a7a754943e.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 7vGXiscnEnA9waYEk87A_4bEN7CAGHgDHCurc6g7SeM_ivZYLEGnjQ== + - NPfl8EGZ9a4ePeNO1bYPwYn4tU5OA3NXHpVl7w9WDJvJaHGH_OnJKQ== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P2 X-Arequestid: - - a33acb96444771ae4835f221cb178a85 + - 4b013436975334dac71b5a4a95663298 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
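Review bot: The re-recorded `X-Aaccountid` value in this hunk (`5d3878b170e3c90c952f91f6`) commits the recording user's Atlassian account id into the fixture. The same id recurs in the later `X-Aaccountid` hunks, and the `@@ -5292,31 +5504,31 @@` response body carries it alongside `emailAddress` and gravatar avatar URLs for that account. Each re-record therefore swaps one maintainer's identifiers for another's, which keeps personal data in the repository and inflates the diff. The recording configuration is not visible on this page; if the cassette is written by vcrpy, a `before_record_response` hook could rewrite these fields to fixed placeholders such as `"emailAddress":"user@example.invalid"` and `X-Aaccountid: PLACEHOLDER_ACCOUNT_ID` before the file is saved.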
@@ -5152,17 +5356,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: POST - uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/transitions + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/transitions response: body: string: '' headers: Atl-Request-Id: - - bf37831a-8101-4755-8586-7a191ff86cf9 + - e318c0b2-404d-418a-ad27-51c03002fc80 Atl-Traceid: - - bf37831a8101475585867a191ff86cf9 + - e318c0b2404d418aad2751c03002fc80 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5170,7 +5374,7 @@ interactions: Content-Type: - text/html;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:06 GMT + - Tue, 04 Nov 2025 18:02:28 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -5180,7 +5384,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=632,atl-edge;dur=630,atl-edge-internal;dur=15,atl-edge-upstream;dur=614,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="0r0FbsOpbohvxvYT9LOyS-t5EaeynQyAKYw5Pef7IukRNR85RiMKdA==",cdn-downstream-fbl;dur=637 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=699,atl-edge;dur=675,atl-edge-internal;dur=18,atl-edge-upstream;dur=658,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="IR71YWtovfyr_it1N_h3rU9HL4Zc7X63-R6GTE6z5da29SvZGcvxNw==",cdn-downstream-fbl;dur=702 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -5188,15 +5392,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront) + - 1.1 b5a2e617d7392a245dec0250ae9c6002.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 0r0FbsOpbohvxvYT9LOyS-t5EaeynQyAKYw5Pef7IukRNR85RiMKdA== + - IR71YWtovfyr_it1N_h3rU9HL4Zc7X63-R6GTE6z5da29SvZGcvxNw== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P3 X-Arequestid: - - d27ea474430cd26e2752a742e9053729 + - c29c3ac0da5eb8b4309793ef9f63c36f + X-Beta-Ratelimit-Limit: + - '200' + X-Beta-Ratelimit-Remaining: + - '199' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5220,17 +5428,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:07.184+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:28.855+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 30cd79c4-8c53-4bd8-a25a-4758b1592ab6 + - 76b4e1d5-a31b-464c-94ae-60353561bde4 Atl-Traceid: - - 30cd79c48c534bd8a25a4758b1592ab6 + - 76b4e1d5a31b464c94ae60353561bde4 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5240,7 +5448,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:07 GMT + - Tue, 04 Nov 2025 18:02:28 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -5250,7 +5458,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=326,atl-edge;dur=325,atl-edge-internal;dur=14,atl-edge-upstream;dur=311,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="ieqvJFIAds223mz3kxdijPb-wv2KRDH2F3ivEWFXa5IvOq9_rxEx6w==",cdn-downstream-fbl;dur=330 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=266,atl-edge;dur=176,atl-edge-internal;dur=23,atl-edge-upstream;dur=153,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="0cHjzpUYaf1RmN2UfXsV1qVWcpC3AqAQKLWo1i4UwGXp8DzStFIOaA==",cdn-downstream-fbl;dur=269 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -5260,15 +5468,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 3437ef72cec711eb0ebed9222a22cf66.cloudfront.net (CloudFront) + - 1.1 99f4e9fd554682341f34ffd484d44998.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - ieqvJFIAds223mz3kxdijPb-wv2KRDH2F3ivEWFXa5IvOq9_rxEx6w== + - 0cHjzpUYaf1RmN2UfXsV1qVWcpC3AqAQKLWo1i4UwGXp8DzStFIOaA== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P1 X-Arequestid: - - cb0ac526daf0af7c5259caa3be993c0e + - 69984953ed411b7b0aa2ea595befc83f + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5292,31 +5504,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:05.748+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:28.160+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* High *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -5326,9 +5538,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -5338,12 +5550,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - e2325969-ac02-47b1-bd45-4198f3584c22 + - 85062ccd-d61a-4d7a-8136-14e7e49c427c Atl-Traceid: - - e2325969ac0247b1bd454198f3584c22 + - 85062ccdd61a4d7a813614e7e49c427c Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5353,7 +5565,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:08 GMT + - Tue, 04 Nov 2025 18:02:29 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -5363,7 +5575,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=437,atl-edge;dur=434,atl-edge-internal;dur=16,atl-edge-upstream;dur=419,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="WWJvCeTLXDWUpENBi8zaLSq0DDqktQ5yiqcuh1r4z_yoFLPa7uVLpA==",cdn-downstream-fbl;dur=441 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=430,atl-edge;dur=339,atl-edge-internal;dur=20,atl-edge-upstream;dur=317,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="P_u679crHqEzpRwu3Z6uz8bDrSJgqFr9HjFTKAHrYfeIP9wFw74aIA==",cdn-downstream-fbl;dur=433 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -5373,15 +5585,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront) + - 1.1 f0ef5666a43050928ff9758d51713e72.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - WWJvCeTLXDWUpENBi8zaLSq0DDqktQ5yiqcuh1r4z_yoFLPa7uVLpA== + - P_u679crHqEzpRwu3Z6uz8bDrSJgqFr9HjFTKAHrYfeIP9wFw74aIA== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P1 X-Arequestid: - - 32f78d7b37ce2fde2a6f0741cc0bd59f + - ddfeb3714c3598a803d35afe890aa0f2 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5405,17 +5621,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:09.687+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:29.670+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - cc256628-176c-4aa2-ab1d-971adbcf397e + - 0ea5aafc-2b64-46e2-a588-b4d7d70bd5a5 Atl-Traceid: - - cc256628176c4aa2ab1d971adbcf397e + - 0ea5aafc2b6446e2a588b4d7d70bd5a5 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5425,7 +5641,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:09 GMT + - Tue, 04 Nov 2025 18:02:29 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -5435,7 +5651,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=328,atl-edge;dur=322,atl-edge-internal;dur=14,atl-edge-upstream;dur=308,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="ce3ctW-5-8CBNlZdjWfGm5XLeyvcFndBRZo0dYLQlQuS9f9vahsrmw==",cdn-downstream-fbl;dur=332 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=198,atl-edge;dur=175,atl-edge-internal;dur=14,atl-edge-upstream;dur=160,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="hm1eeI7e3RynwJYjjKvAf5FCmMsa5OWana5C6u_NXxV_jp2OpjPekA==",cdn-downstream-fbl;dur=201 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -5445,15 +5661,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 82008a7e089b84e7f0a6d8d139a4e3de.cloudfront.net (CloudFront) + - 1.1 da745b01c27611dac38d175371cb7b54.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - ce3ctW-5-8CBNlZdjWfGm5XLeyvcFndBRZo0dYLQlQuS9f9vahsrmw== + - hm1eeI7e3RynwJYjjKvAf5FCmMsa5OWana5C6u_NXxV_jp2OpjPekA== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P2 X-Arequestid: - - eb80aa691e1c7ea8db1479c96fe6257c + - 3ed200499a43fc519641aa2dd72fbaf2 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5477,31 +5697,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:05.748+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:28.160+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* High *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -5511,9 +5731,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
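Review bot: The re-recorded body for `GET /rest/api/2/issue/23615` commits a maintainer's `emailAddress`, `accountId` and avatar URLs in the `creator` and `reporter` objects, and the `X-Aaccountid` response header repeats that account id in the neighbouring header hunks. Nothing visible suggests the test depends on these values, so they could be scrubbed at record time; if the cassette is recorded with vcrpy, a `before_record_response` hook can rewrite the body and drop the header. A constructed value such as `"emailAddress":"user@example.invalid"` would serve the same purpose in the fixture. The same fields recur in the second issue-fetch hunk at `@@ -5662,31 +5890,31 @@`. The request header lists are cut by the hunk boundaries, so it is worth confirming in the full cassette that no `Authorization` or cookie header was recorded.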
@@ -5523,12 +5743,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 61ccfa73-717f-4072-9472-163f7a80f192 + - 2ed7b440-b994-467f-9323-aa4bcad1e65e Atl-Traceid: - - 61ccfa73717f40729472163f7a80f192 + - 2ed7b440b994467f9323aa4bcad1e65e Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5538,7 +5758,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:11 GMT + - Tue, 04 Nov 2025 18:02:30 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -5548,7 +5768,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=407,atl-edge;dur=405,atl-edge-internal;dur=17,atl-edge-upstream;dur=386,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="oF1l-2irq1VoYqMdL13w4yEX7wmDRiG8_xwopPO9oXZm5POuBNz84Q==",cdn-downstream-fbl;dur=411 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=308,atl-edge;dur=283,atl-edge-internal;dur=17,atl-edge-upstream;dur=267,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="Qy8aJ2Wbzi0R46MhwPjsDT0vqRGdejoHowouTYwUanEJ7Fi4NoPpkQ==",cdn-downstream-fbl;dur=312 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -5558,15 +5778,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 3e4f9c0400441c93ce3468dd26ef9ee4.cloudfront.net (CloudFront) + - 1.1 1a5bcf25cf6144683736a6579a7fb98e.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - oF1l-2irq1VoYqMdL13w4yEX7wmDRiG8_xwopPO9oXZm5POuBNz84Q== + - Qy8aJ2Wbzi0R46MhwPjsDT0vqRGdejoHowouTYwUanEJ7Fi4NoPpkQ== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P2 X-Arequestid: - - c1772ea9b8f14e4c17e8b1299c80f57f + - bcdd2be845605b1af6e83a93d85706d1 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5590,17 +5814,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:12.223+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:30.412+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - ab5e7821-b9e9-4f0d-85da-976006f76182 + - dc8a785e-7f1a-4ed3-8f3b-a44e6cc0d9f0 Atl-Traceid: - - ab5e7821b9e94f0d85da976006f76182 + - dc8a785e7f1a4ed38f3ba44e6cc0d9f0 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5610,7 +5834,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:12 GMT + - Tue, 04 Nov 2025 18:02:30 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -5620,7 +5844,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=328,atl-edge;dur=326,atl-edge-internal;dur=13,atl-edge-upstream;dur=313,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="wlxgtAjN1p2_Y5y5rRiy1xViSFIl0MicFhmFAIqo6eLMTHwxaaIcPw==",cdn-downstream-fbl;dur=333 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=189,atl-edge;dur=167,atl-edge-internal;dur=14,atl-edge-upstream;dur=153,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="hXD5-bcewdUjjXxgpMsngfnZa31qeEQo8u7qeeI4cawgXXo5_kGFCA==",cdn-downstream-fbl;dur=193 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -5630,15 +5854,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 e6e7ea42488c65b080113b45f9cdebb4.cloudfront.net (CloudFront) + - 1.1 9379390e7d447e1d911f7741c8ae2f24.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - wlxgtAjN1p2_Y5y5rRiy1xViSFIl0MicFhmFAIqo6eLMTHwxaaIcPw== + - hXD5-bcewdUjjXxgpMsngfnZa31qeEQo8u7qeeI4cawgXXo5_kGFCA== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN52-P1 X-Arequestid: - - f3ccb2ed019adea7ce5dda70d811082c + - 4c87fd04b308864ca1f62aab6b4ca418 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '347' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5662,31 +5890,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:05.748+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:28.160+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* High *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Inactive, Verified, Mitigated|\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* High\n *Due - Date:* Aug. 
24, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -5696,9 +5924,9 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -5708,12 +5936,12 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - d76f68f8-1644-400e-9b45-c19447794008 + - ef4afb82-570f-4e40-907f-d3e3f4ac01f8 Atl-Traceid: - - d76f68f81644400e9b45c19447794008 + - ef4afb82570f4e40907fd3e3f4ac01f8 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5723,7 +5951,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:13 GMT + - Tue, 04 Nov 2025 18:02:30 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -5733,7 +5961,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=450,atl-edge;dur=448,atl-edge-internal;dur=20,atl-edge-upstream;dur=426,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="hpFST4gTmPiWY_ZuXU776uqtfLcJ5_PvH7fGjyP-4VHi00twq0S-fQ==",cdn-downstream-fbl;dur=453 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=298,atl-edge;dur=275,atl-edge-internal;dur=16,atl-edge-upstream;dur=259,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="Eey6fhnPCtbAksd0SHoiuMOPIrIJZ3QvuTZf_kaCxf81JCuIu6bDRg==",cdn-downstream-fbl;dur=301 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -5743,15 +5971,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 cc5461804f39ae1b3956b0f75ed048ce.cloudfront.net (CloudFront) + - 1.1 db28001b9bfb563d1bfcaccd38c4436a.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - hpFST4gTmPiWY_ZuXU776uqtfLcJ5_PvH7fGjyP-4VHi00twq0S-fQ== + - Eey6fhnPCtbAksd0SHoiuMOPIrIJZ3QvuTZf_kaCxf81JCuIu6bDRg== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P1 X-Arequestid: - - b4b5f2a52eec893e2ccf8eff75a9a9a9 + - 4a65143fd32e1fb94325d3d02b65f1b3 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -5775,7 +6007,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -5789,9 +6021,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - f44659d7-4b03-4f92-9aa1-49d40a6bb2c3 + - 26d68e00-fc97-4615-8c36-35fc6eb20bd4 Atl-Traceid: - - f44659d74b034f929aa149d40a6bb2c3 + - 26d68e00fc9746158c3635fc6eb20bd4 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5801,7 +6033,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:15 GMT + - Tue, 04 Nov 2025 18:02:31 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -5811,7 +6043,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=495,atl-edge;dur=488,atl-edge-internal;dur=14,atl-edge-upstream;dur=474,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="kf1934QhBnHiCA0VJlgxA-tUUp9ypGZ1Z0wkPRWa4JRciHRl5uRn0A==",cdn-downstream-fbl;dur=499 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=367,atl-edge;dur=342,atl-edge-internal;dur=19,atl-edge-upstream;dur=324,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="qqGsJCw07be3XxAxHmleKdXeyaaYfHzftA96yWBHzgeefUuQlTO9EQ==",cdn-downstream-fbl;dur=371 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -5821,18 +6053,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 b96ad58427ffff8b9d3959350f8c9f16.cloudfront.net (CloudFront) + - 1.1 272eaf2883bb602816447bd7132021d2.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - kf1934QhBnHiCA0VJlgxA-tUUp9ypGZ1Z0wkPRWa4JRciHRl5uRn0A== + - qqGsJCw07be3XxAxHmleKdXeyaaYfHzftA96yWBHzgeefUuQlTO9EQ== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P1 X-Arequestid: - - bee7d2e295024835e7a21e2acfbb1dce + - b59f40b78e4805b78dc498f71f2d354a + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5846,20 +6082,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* Medium *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -5869,8 +6105,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of - Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n *CWE:* + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -5894,17 +6130,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - f02be48b-5d7f-465c-b9f5-8a5ff38c5ae7 + - 13a948f5-f71b-4862-9552-c33a25c0439a Atl-Traceid: - - f02be48b5d7f465cb9f58a5ff38c5ae7 + - 13a948f5f71b48629552c33a25c0439a Cache-Control: - no-cache, no-store, no-transform Connection: @@ -5912,7 +6148,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:16 GMT + - Tue, 04 Nov 2025 18:02:32 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -5922,7 +6158,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=700,atl-edge;dur=697,atl-edge-internal;dur=15,atl-edge-upstream;dur=681,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P2",cdn-rid;desc="ov56-66LB7eHtH8tKi3qAJrliv2cjrVG5cfJGPa1NG5G3Vmnuwz03A==",cdn-downstream-fbl;dur=704 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=560,atl-edge;dur=536,atl-edge-internal;dur=17,atl-edge-upstream;dur=520,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="G_nlrRB-sJiE1FRGZKzb9-SDjnLhxEHBZGxZThGVXO5FwA9YXoy_Ow==",cdn-downstream-fbl;dur=565 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -5930,15 +6166,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 4682ab309f4f72758d209c996a38d094.cloudfront.net (CloudFront) + - 1.1 9062d4391fad2aec3a7d6f3edcebc662.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - ov56-66LB7eHtH8tKi3qAJrliv2cjrVG5cfJGPa1NG5G3Vmnuwz03A== + - G_nlrRB-sJiE1FRGZKzb9-SDjnLhxEHBZGxZThGVXO5FwA9YXoy_Ow== X-Amz-Cf-Pop: - - SYD3-P2 + - DEN53-P2 X-Arequestid: - - 8bca410ec14b4d5960f61f22f4e21125 + - f3a36fc91e1f81cbe921f0cbd84eaf37 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -5962,31 +6202,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:16.303+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:31.787+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* Medium *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -5996,8 +6236,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
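Review bot: The re-recorded response body for `GET /rest/api/2/issue/23615` commits the recording user's `emailAddress` and `accountId` in both the `creator` and `reporter` objects, along with gravatar avatar URLs that carry a per-user hash. The same account id appears in the `X-Aaccountid` response header in the later header hunks, and the same body appears in the earlier recorded response for this issue. Since this is a recorded fixture, the scrubbing belongs in the recording configuration rather than in hand edits. If the cassettes are written by vcrpy, a `before_record_response` hook could rewrite these to fixed placeholders such as `"emailAddress":"redacted@example.invalid"` and `"accountId":"<redacted-account-id>"`. The request headers of these interactions fall outside the visible hunks, so whether credentials are already filtered there should be confirmed separately.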
@@ -6008,12 +6248,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - f2bb83a7-fcad-408b-992c-8965df074531 + - 0c38a635-3b3e-4910-9c5d-2f6a1c4cc2a3 Atl-Traceid: - - f2bb83a7fcad408b992c8965df074531 + - 0c38a6353b3e49109c5d2f6a1c4cc2a3 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6023,7 +6263,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:17 GMT + - Tue, 04 Nov 2025 18:02:32 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6033,7 +6273,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=415,atl-edge;dur=413,atl-edge-internal;dur=16,atl-edge-upstream;dur=397,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="cuBJur0jYF5Sz6orVCcBpV7XgdNGnYrF17hRd9gQ0f_JLJPUfFKZYg==",cdn-downstream-fbl;dur=420 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=259,atl-edge;dur=236,atl-edge-internal;dur=16,atl-edge-upstream;dur=220,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="Xiw3f1mCwgx6460JhWRmS5qzMM_ICjpNWNWUnO1U3a52_vIGhNlNLQ==",cdn-downstream-fbl;dur=263 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6043,15 +6283,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront) + - 1.1 98d9402866aa771c6e6bbecb98c200aa.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - cuBJur0jYF5Sz6orVCcBpV7XgdNGnYrF17hRd9gQ0f_JLJPUfFKZYg== + - Xiw3f1mCwgx6460JhWRmS5qzMM_ICjpNWNWUnO1U3a52_vIGhNlNLQ== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P1 X-Arequestid: - - a27a5e0f41ae92f4fda04e384837f4b9 + - a3a53d0a7e425f419a7174ea00993c37 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6075,17 +6319,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:18.996+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:32.594+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 93436a4d-e21f-46c2-9504-7bd393ed51bd + - f896cac3-c253-4eff-a552-e3465f3b8464 Atl-Traceid: - - 93436a4de21f46c295047bd393ed51bd + - f896cac3c2534effa552e3465f3b8464 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6095,7 +6339,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:19 GMT + - Tue, 04 Nov 2025 18:02:32 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6105,7 +6349,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=311,atl-edge;dur=310,atl-edge-internal;dur=12,atl-edge-upstream;dur=297,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="Bdg8X8QplHvORUIRCFwu3B46RW87UxYNAD6dUq3PLsXuliiqdAoanA==",cdn-downstream-fbl;dur=315 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=202,atl-edge;dur=177,atl-edge-internal;dur=19,atl-edge-upstream;dur=160,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="W5cGxk-h4odaQxyMDqhKlF9wwqCPm0MV9su9qQjvj4zbL5imSb7j0w==",cdn-downstream-fbl;dur=205 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6115,15 +6359,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront) + - 1.1 d18c8670421cff5c9fa297b260cb2814.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - Bdg8X8QplHvORUIRCFwu3B46RW87UxYNAD6dUq3PLsXuliiqdAoanA== + - W5cGxk-h4odaQxyMDqhKlF9wwqCPm0MV9su9qQjvj4zbL5imSb7j0w== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P2 X-Arequestid: - - cedf3130752c69bb6bfec1b1de700232 + - 6863671811f04aede958d531f927fc9b + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6147,31 +6395,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:16.303+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:31.787+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* Medium *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -6181,8 +6429,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
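Review bot: The re-recorded response body for `/rest/api/2/issue/23615` stores the recording user's `emailAddress`, `displayName`, gravatar hash and Atlassian `accountId` under `creator` and `reporter`, and the header hunks around it store the same id as `X-Aaccountid`. This looks like a recorded HTTP fixture, so these values belong to whoever ran the recording; the removed lines carried the same kind of data for a different account, so the exposure predates this commit but is renewed by it. Scrubbing at record time would keep personal identifiers out of the repository: drop `X-Aaccountid` in a response-scrubbing hook and rewrite the body fields to fixed placeholders such as `"emailAddress":"redacted@example.invalid"` (constructed value), which also makes future re-recordings produce smaller diffs. The request headers visible in these hunks show only `Content-Type` and `User-Agent`, so whether credentials are filtered cannot be judged from here.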
@@ -6193,12 +6441,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - cb991777-76b6-4375-b9e7-8652e1e90ee9 + - 1568bced-3eeb-443f-abf4-67c78967c96f Atl-Traceid: - - cb99177776b64375b9e78652e1e90ee9 + - 1568bced3eeb443fabf467c78967c96f Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6208,7 +6456,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:20 GMT + - Tue, 04 Nov 2025 18:02:33 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6218,7 +6466,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=428,atl-edge;dur=427,atl-edge-internal;dur=17,atl-edge-upstream;dur=409,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="zMQy3jJ641KThoVTrpgFW-Dt67aR7PN3k1hRvcqnjQK019Z9Jl6RzQ==",cdn-downstream-fbl;dur=433 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=308,atl-edge;dur=285,atl-edge-internal;dur=18,atl-edge-upstream;dur=267,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="Zmh-PTuHoi8Wz9yaxe3JQqsS1gucXJ0zR_BNggfl_y04kQ737GiKwg==",cdn-downstream-fbl;dur=312 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6228,15 +6476,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 3d26345933183b6a437e0f8ba3c37df8.cloudfront.net (CloudFront) + - 1.1 86b6aab4b36e97123c5f76cc2e3ac8ec.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - zMQy3jJ641KThoVTrpgFW-Dt67aR7PN3k1hRvcqnjQK019Z9Jl6RzQ== + - Zmh-PTuHoi8Wz9yaxe3JQqsS1gucXJ0zR_BNggfl_y04kQ737GiKwg== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P1 X-Arequestid: - - 8bb6d96117d6cc9b4f67f0ec8e126b04 + - 1574c10e7f6fb37c538e545415c4bdd8 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6260,17 +6512,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:21.535+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:33.308+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 48c68e59-ff64-4946-9a56-f9f5d8fd1966 + - 295e2098-a67e-4e03-844a-fc073a9000a4 Atl-Traceid: - - 48c68e59ff6449469a56f9f5d8fd1966 + - 295e2098a67e4e03844afc073a9000a4 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6280,7 +6532,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:21 GMT + - Tue, 04 Nov 2025 18:02:33 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6290,7 +6542,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=344,atl-edge;dur=342,atl-edge-internal;dur=14,atl-edge-upstream;dur=329,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="IeVebs2HQlaZdB5sqM0Nsy4LdmKP-OpQWmsvw9NCY7AjHThmNbsUqw==",cdn-downstream-fbl;dur=348 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=21,cdn-upstream-fbl;dur=268,atl-edge;dur=180,atl-edge-internal;dur=18,atl-edge-upstream;dur=159,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="5w4SsVzYCnEby_tzpIqXDOGfyOAiKRC2lRTWddWsv6lduT-A9No-PA==",cdn-downstream-fbl;dur=272 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6300,15 +6552,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront) + - 1.1 9d0c0f607ed2753212b70ce75683881e.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - IeVebs2HQlaZdB5sqM0Nsy4LdmKP-OpQWmsvw9NCY7AjHThmNbsUqw== + - 5w4SsVzYCnEby_tzpIqXDOGfyOAiKRC2lRTWddWsv6lduT-A9No-PA== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P3 X-Arequestid: - - 302209279622f2e9ea01e1106667e9e1 + - 9f8a86f14c9aab40078ee3ccc6b383bc + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6332,31 +6588,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:16.303+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:31.787+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* Medium *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -6366,8 +6622,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
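Review bot: The re-recorded issue response in the hunk starting at `@@ -6332,31 +6588,31 @@` stores the recording user's `emailAddress`, `accountId` and gravatar URL in the `creator` and `reporter` objects, and the `X-Aaccountid` response header in the neighbouring header hunks repeats the same account id, so each re-recording commits a maintainer's identity data to the repository. These values do not look relevant to what the test checks (not confirmable from the fixture alone), so they could be replaced with fixed placeholders at record time. If the cassettes are recorded with vcrpy, as the format suggests, a `before_record_response` hook can rewrite those JSON fields and drop the header; `filter_headers` would not cover it because it only applies to request headers. The same body is recorded again in the hunk starting at `@@ -6517,31 +6781,31 @@`.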
@@ -6378,12 +6634,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - bb6fe927-bb9f-4bd1-a81a-4090ec8dc0ff + - 32e21ec6-d322-48c1-9104-6a4b55975dc7 Atl-Traceid: - - bb6fe927bb9f4bd1a81a4090ec8dc0ff + - 32e21ec6d32248c191046a4b55975dc7 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6393,7 +6649,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:22 GMT + - Tue, 04 Nov 2025 18:02:33 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6403,7 +6659,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=414,atl-edge;dur=411,atl-edge-internal;dur=15,atl-edge-upstream;dur=396,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="595hAZhQqjmcQBHd1Egqkm6ZHYTolXHMzywNsdhTNZHdz6WnFtTQ-A==",cdn-downstream-fbl;dur=419 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=310,atl-edge;dur=287,atl-edge-internal;dur=17,atl-edge-upstream;dur=270,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="S8JDi7gASAqQRgM9mClF2vcbWBlgDmU43jXkmvp6E3qqrfF9OUWEqg==",cdn-downstream-fbl;dur=314 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6413,15 +6669,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront) + - 1.1 057707d7f80ca305efe5fad72e15b94c.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 595hAZhQqjmcQBHd1Egqkm6ZHYTolXHMzywNsdhTNZHdz6WnFtTQ-A== + - S8JDi7gASAqQRgM9mClF2vcbWBlgDmU43jXkmvp6E3qqrfF9OUWEqg== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P3 X-Arequestid: - - 91f326b1510687313bb3f3efa259ad63 + - c7eacd26c03d831698066a736bce84b1 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6445,17 +6705,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:24.066+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:34.077+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 1e14899d-fec7-4213-b71f-1b8fe90aa415 + - 06dbdc39-0311-47f8-b906-d9fd82535f8d Atl-Traceid: - - 1e14899dfec74213b71f1b8fe90aa415 + - 06dbdc39031147f8b906d9fd82535f8d Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6465,7 +6725,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:24 GMT + - Tue, 04 Nov 2025 18:02:34 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6475,7 +6735,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=333,atl-edge;dur=329,atl-edge-internal;dur=14,atl-edge-upstream;dur=315,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="nVFu2RBdrP-ld85Vbk3Fw2EMtu0hCjboSsqYDDXjKQ7J1PiXwE-l6g==",cdn-downstream-fbl;dur=336 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=202,atl-edge;dur=179,atl-edge-internal;dur=16,atl-edge-upstream;dur=164,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="GOYaMNJjoXVZli20mbVW0g3t8lc73E_GRlEF9aQQBl__IfezzmDZ0A==",cdn-downstream-fbl;dur=207 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6485,15 +6745,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 a97b28e298ec5907aa1d86d22bc232a0.cloudfront.net (CloudFront) + - 1.1 b1a94c3ca6429736112e2213a359c78a.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - nVFu2RBdrP-ld85Vbk3Fw2EMtu0hCjboSsqYDDXjKQ7J1PiXwE-l6g== + - GOYaMNJjoXVZli20mbVW0g3t8lc73E_GRlEF9aQQBl__IfezzmDZ0A== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P3 X-Arequestid: - - 3790b3e665db34ced97b98233f3121ee + - 166986c9991bdf435aff80675b7f872b + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '347' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6517,31 +6781,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:16.303+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:31.787+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* Medium *Due Date:* None \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Inactive, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Inactive, Verified, Mitigated|\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -6551,8 +6815,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
@@ -6563,12 +6827,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 7cb7785a-9135-4343-a23f-d17b9347d600 + - 28b2cda1-0c97-4c69-80ca-3a86d6495f8b Atl-Traceid: - - 7cb7785a91354343a23fd17b9347d600 + - 28b2cda10c974c6980ca3a86d6495f8b Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6578,7 +6842,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:25 GMT + - Tue, 04 Nov 2025 18:02:34 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6588,7 +6852,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=411,atl-edge;dur=407,atl-edge-internal;dur=15,atl-edge-upstream;dur=392,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="9YWH1fQ6-XnCRHGsSa90zsK2QCp2Ewyx-MKEdiPL8uXKKcNArbxVhQ==",cdn-downstream-fbl;dur=415 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=281,atl-edge;dur=258,atl-edge-internal;dur=16,atl-edge-upstream;dur=242,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="30aCFrMyTvzA6QXBfYx1ZW4LjaiDACISKsHmdH3EGQRcsP7SHVqevg==",cdn-downstream-fbl;dur=285 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6598,15 +6862,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 9f543b41d91998db89601c7fae0f18c2.cloudfront.net (CloudFront) + - 1.1 b1a94c3ca6429736112e2213a359c78a.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 9YWH1fQ6-XnCRHGsSa90zsK2QCp2Ewyx-MKEdiPL8uXKKcNArbxVhQ== + - 30aCFrMyTvzA6QXBfYx1ZW4LjaiDACISKsHmdH3EGQRcsP7SHVqevg== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P3 X-Arequestid: - - 55c1f48c7fddfc0efb6ce1119c473814 + - 8d37bcebb95e3160bd9dae0333c3900b + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '396' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -6630,7 +6898,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
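Review bot: The re-recorded cassette commits the recording user's Jira identity verbatim: the `X-Aaccountid` response header in the `@@ -6598,15 +6862,19 @@` hunk now carries a bare account id. The response bodies in the neighbouring hunks carry the matching `accountId`, `emailAddress` and gravatar hash URLs. The same header recurs in the later `X-Aaccountid` hunks, so this note covers those too. None of these values appear to be needed for the replay to match, so they could be replaced with fixed placeholders at record time instead of being refreshed with each maintainer's details. If the fixtures are recorded with vcrpy (the `interactions:` layout suggests it), a `before_record_response` hook on the shared VCR config would do this, for example by rewriting the header to `X-Aaccountid: <REDACTED_ACCOUNT_ID>` and the body `emailAddress` to a constructed address such as `user@example.invalid`. It is also worth checking the request sections of this cassette, which are outside these hunks, for an `Authorization` header.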
@@ -6644,9 +6912,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - 860e22e3-b6f7-4539-b2af-9f9444789bd1 + - 5cb85511-2e94-43ba-bc7e-cb4c1c56d866 Atl-Traceid: - - 860e22e3b6f74539b2af9f9444789bd1 + - 5cb855112e9443babc7ecb4c1c56d866 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6656,7 +6924,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:26 GMT + - Tue, 04 Nov 2025 18:02:34 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -6666,7 +6934,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=504,atl-edge;dur=502,atl-edge-internal;dur=14,atl-edge-upstream;dur=487,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P2",cdn-rid;desc="d8uY-VdXj-N6zj97EaHn-2slpA9E70yQ21SmgsNyGrj6W2EBoqAYxQ==",cdn-downstream-fbl;dur=507 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=323,atl-edge;dur=300,atl-edge-internal;dur=16,atl-edge-upstream;dur=283,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="UTnXXrNGyq-Ixf3YtPiPvKLHb172wh3ukKpTHeJ5P0ctQRjI4F7gPg==",cdn-downstream-fbl;dur=326 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -6676,18 +6944,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 9478009849c2f6b9551c4c5c23842910.cloudfront.net (CloudFront) + - 1.1 66b4cf5fe1131d403a242f2f9f334158.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - d8uY-VdXj-N6zj97EaHn-2slpA9E70yQ21SmgsNyGrj6W2EBoqAYxQ== + - UTnXXrNGyq-Ixf3YtPiPvKLHb172wh3ukKpTHeJ5P0ctQRjI4F7gPg== X-Amz-Cf-Pop: - - SYD3-P2 + - DEN52-P3 X-Arequestid: - - a3600f900a676b3a32dc23ec383b70d8 + - a069f61a8ac5604f7792c5ba426a342f + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6701,20 +6973,20 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -6724,8 +6996,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of - Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n *CWE:* + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -6745,21 +7017,21 @@ interactions: Connection: - keep-alive Content-Length: - - '3531' + - '3530' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - ec26d2f8-f396-4d20-812c-cd4f8ba07231 + - ac6e0b47-49a9-46db-a88c-1c9b8c8714b2 Atl-Traceid: - - ec26d2f8f3964d20812ccd4f8ba07231 + - ac6e0b4749a946dba88c1c9b8c8714b2 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6767,7 +7039,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:28 GMT + - Tue, 04 Nov 2025 18:02:35 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -6777,7 +7049,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=710,atl-edge;dur=707,atl-edge-internal;dur=15,atl-edge-upstream;dur=692,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="Z_0Onz-4EAW-0Pm8K9BgFcF-V_POpqKjP5jAZuVZo_Mbi65kGMN1-w==",cdn-downstream-fbl;dur=713 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=779,atl-edge;dur=755,atl-edge-internal;dur=18,atl-edge-upstream;dur=737,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="irL834izS-OYI0_8uL515V7w_BLDXG2LymmClVTiSFH2U5AC3jZx1w==",cdn-downstream-fbl;dur=784 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -6785,15 +7057,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 2e2023905a055fb3a137d4ecfec97d0e.cloudfront.net (CloudFront) + - 1.1 a7c0ba01db75946f7df3f7eaf69984b6.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - Z_0Onz-4EAW-0Pm8K9BgFcF-V_POpqKjP5jAZuVZo_Mbi65kGMN1-w== + - irL834izS-OYI0_8uL515V7w_BLDXG2LymmClVTiSFH2U5AC3jZx1w== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN52-P2 X-Arequestid: - - 16beae5fd4d5a4a2694940d03f18fcf9 + - 0b99efe7925c20669d0dde45dd27eef4 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6817,31 +7093,31 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:05.749+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work - has been completed on this issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":nu
ll,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?
d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-07-25T21:04:05.726+0200","workratio":-1,"watches":{"self":
"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_65305_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:28.106+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:28.161+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"},"resolution":{"self":"https://defectdojo.atlassian.net/rest/api/2/resolution/10000","id":"10000","description":"Work + has been completed on this 
issue.","name":"Done"},"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10002","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Done","id":"10002","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"Done"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.pn
g"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":"2025-11-04T19:02:28.127+0100","workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":"10000_*:*_1_*:*_22594_*|*_10002_*:*_1_*:*_0","customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:35.656+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -6851,8 +7127,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
@@ -6863,12 +7139,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - f192d8c3-df4e-4b67-8248-f41d77c1c341 + - c4cee2ba-8ec5-4981-82db-dbff0edc2657 Atl-Traceid: - - f192d8c3df4e4b678248f41d77c1c341 + - c4cee2ba8ec5498182dbdbff0edc2657 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6878,7 +7154,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:29 GMT + - Tue, 04 Nov 2025 18:02:36 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -6888,7 +7164,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=425,atl-edge;dur=423,atl-edge-internal;dur=16,atl-edge-upstream;dur=407,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="jEEwB4sLvUL_pRnhb5CM-ttXTqIbtsFJ1Sgql2nE4aovDNDkkKDxCA==",cdn-downstream-fbl;dur=428 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=272,atl-edge;dur=249,atl-edge-internal;dur=17,atl-edge-upstream;dur=232,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="IEFnfQxZL_y0ZHrTyPdPAyUstPTMb7PdW8rqvbT45w0xgF-EB11lPQ==",cdn-downstream-fbl;dur=276 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -6898,15 +7174,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 59067266959db6ef629f60366c4dee48.cloudfront.net (CloudFront) + - 1.1 befcfd7ee847a3c890471f27612dbcde.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - jEEwB4sLvUL_pRnhb5CM-ttXTqIbtsFJ1Sgql2nE4aovDNDkkKDxCA== + - IEFnfQxZL_y0ZHrTyPdPAyUstPTMb7PdW8rqvbT45w0xgF-EB11lPQ== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P2 X-Arequestid: - - 71ce21f341826f1ccc9af2da7e9a1a65 + - ee30362c6c652b26dbe77bbd8a8e1226 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -6932,17 +7212,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: POST - uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/transitions + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/transitions response: body: string: '' headers: Atl-Request-Id: - - 3eb1cbc5-968c-4de6-9e70-1afc25968bb4 + - 88795a8f-0446-4486-8b01-94aa6086d89d Atl-Traceid: - - 3eb1cbc5968c4de69e701afc25968bb4 + - 88795a8f044644868b0194aa6086d89d Cache-Control: - no-cache, no-store, no-transform Connection: @@ -6950,7 +7230,7 @@ interactions: Content-Type: - text/html;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:31 GMT + - Tue, 04 Nov 2025 18:02:36 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -6960,7 +7240,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=614,atl-edge;dur=609,atl-edge-internal;dur=15,atl-edge-upstream;dur=594,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="CsZOpBptDzkIbsZobAq4r0rYv-F_qUU8UUxqn65VQYTwh1Tz0_opug==",cdn-downstream-fbl;dur=617 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=594,atl-edge;dur=501,atl-edge-internal;dur=21,atl-edge-upstream;dur=481,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="hinoF4kJkunQNqxVpGq9aYFk_kOPIredaUFg1TdQ0U1lA8Ha5PuFzA==",cdn-downstream-fbl;dur=598 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -6968,15 +7248,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront) + - 1.1 d7b3fa0ef559ab3ac226fc78e47d311a.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - CsZOpBptDzkIbsZobAq4r0rYv-F_qUU8UUxqn65VQYTwh1Tz0_opug== + - hinoF4kJkunQNqxVpGq9aYFk_kOPIredaUFg1TdQ0U1lA8Ha5PuFzA== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P1 X-Arequestid: - - 60a6b34fa410f27f9f9e05ac695f6ecf + - c88049880f993932b4f9398331d24f97 + X-Beta-Ratelimit-Limit: + - '200' + X-Beta-Ratelimit-Remaining: + - '199' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7000,17 +7284,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:32.364+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:37.119+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 618a7a64-03be-48b8-8d9d-739ac89ec899 + - 2771b662-4b46-499a-aaf3-2ffb6229ca81 Atl-Traceid: - - 618a7a6403be48b88d9d739ac89ec899 + - 2771b6624b46499aaaf32ffb6229ca81 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7020,7 +7304,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:32 GMT + - Tue, 04 Nov 2025 18:02:37 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7030,7 +7314,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=358,atl-edge;dur=353,atl-edge-internal;dur=15,atl-edge-upstream;dur=337,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="2f-Z0Vn7BaLIkqBenmNJ1qJ0I6_JEIrj7W3oHJcX1lqhkHESqbrsow==",cdn-downstream-fbl;dur=362 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=201,atl-edge;dur=177,atl-edge-internal;dur=17,atl-edge-upstream;dur=161,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="zWEDoTZAzfgL-0o_rHae_HfM387v5AsBKgmiDF8S6izbyT9IlNQ6TA==",cdn-downstream-fbl;dur=204 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7040,15 +7324,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 b39f0409e845bde1b97cd11f1d544d4e.cloudfront.net (CloudFront) + - 1.1 3fddcbe99f78632bf14e5e80e6c14058.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 2f-Z0Vn7BaLIkqBenmNJ1qJ0I6_JEIrj7W3oHJcX1lqhkHESqbrsow== + - zWEDoTZAzfgL-0o_rHae_HfM387v5AsBKgmiDF8S6izbyT9IlNQ6TA== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P2 X-Arequestid: - - b54d49fdcf7fd373faf25050d4cdd82a + - 6d3bb40d7f6dc856eb5acf3c920edb4f + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7072,32 +7360,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:30.923+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:36.581+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:30.922+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:36.580+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -7107,8 +7395,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
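Review bot: The re-recorded response body in this hunk checks the recording user's Jira profile into the repository: `"emailAddress":"cody@defectdojo.com"`, the `accountId`, the display name and the Gravatar avatar URLs appear under both `creator` and `reporter`. The same account id is repeated in the `X-Aaccountid` response headers of the neighbouring header hunks and again in the `@@ -7258,32 +7554,32 @@` hunk. The tests that replay this cassette are not visible here, but these fields do not look like values a Jira push test would assert on, so they could be replaced at record time instead of committed. The file layout suggests a vcrpy cassette; if so, a `before_record_response` hook that rewrites those fields to fixed placeholders such as `"emailAddress":"jira-user@example.invalid"` would stop each re-recording from publishing whoever ran it. Response headers need the same hook, because `filter_headers` only scrubs request headers.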
@@ -7119,12 +7407,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 142d47d4-68b7-4bd2-95a7-43f40cd1052d + - 1c5abdf4-3914-4f5d-a876-4c4e68f8a09f Atl-Traceid: - - 142d47d468b74bd295a743f40cd1052d + - 1c5abdf439144f5da8764c4e68f8a09f Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7134,7 +7422,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:33 GMT + - Tue, 04 Nov 2025 18:02:37 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7144,7 +7432,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=418,atl-edge;dur=416,atl-edge-internal;dur=14,atl-edge-upstream;dur=402,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="yMO1Lh51rWInQUC6hxUdPDPgvOsr6ktYwykw7kP_BbhkDxNc9qPoHQ==",cdn-downstream-fbl;dur=421 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=379,atl-edge;dur=287,atl-edge-internal;dur=20,atl-edge-upstream;dur=265,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="9cxUthhe0oOIKEM0V1U6EJk_8fcGOFqyjzLWHgRzC0VocNRmJHN9KQ==",cdn-downstream-fbl;dur=383 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7154,15 +7442,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront) + - 1.1 81c07f42f70c1aec766dc553e24f3864.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - yMO1Lh51rWInQUC6hxUdPDPgvOsr6ktYwykw7kP_BbhkDxNc9qPoHQ== + - 9cxUthhe0oOIKEM0V1U6EJk_8fcGOFqyjzLWHgRzC0VocNRmJHN9KQ== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P1 X-Arequestid: - - 0c328a5f428f4803e5bc6162e4cfc0e9 + - 835607e3053047c761aa5c91f7e0a434 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7186,17 +7478,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:34.833+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:37.910+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - df1d9a92-3007-4a77-8e14-7e049e41d575 + - 5b91aeac-74eb-4042-9faf-7ee67acafa0e Atl-Traceid: - - df1d9a9230074a778e147e049e41d575 + - 5b91aeac74eb40429faf7ee67acafa0e Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7206,7 +7498,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:34 GMT + - Tue, 04 Nov 2025 18:02:37 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7216,7 +7508,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=323,atl-edge;dur=321,atl-edge-internal;dur=16,atl-edge-upstream;dur=306,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="_aa8seReyjY4Q9xnBWQK3idrX8nMwlxI9fX7yC4sVEyrMYZWkd1oew==",cdn-downstream-fbl;dur=327 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=21,cdn-upstream-fbl;dur=262,atl-edge;dur=173,atl-edge-internal;dur=18,atl-edge-upstream;dur=154,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P2",cdn-rid;desc="w9HcJnW4ya4xOv-WC42GmXRHifLJNmmMsa7EIx-8zZhn5GO2sJETAw==",cdn-downstream-fbl;dur=265 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7226,15 +7518,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 c44c600db483eb2098670fa47c16d840.cloudfront.net (CloudFront) + - 1.1 0ec4ee481d2d7e134f4c87a9b9fc4e06.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - _aa8seReyjY4Q9xnBWQK3idrX8nMwlxI9fX7yC4sVEyrMYZWkd1oew== + - w9HcJnW4ya4xOv-WC42GmXRHifLJNmmMsa7EIx-8zZhn5GO2sJETAw== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P2 X-Arequestid: - - e29d883ef0e105ca443d1f81780112ec + - 1f0f20862036e67e517c2ea31fb6bf8b + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '348' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7258,32 +7554,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:30.923+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:36.581+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:30.922+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:36.580+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -7293,8 +7589,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
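Review bot: The re-recorded response body in this hunk commits a real account's `emailAddress`, `accountId` and Gravatar avatar hash inside the `creator` and `reporter` objects. The added `X-Aaccountid` response header repeats the same account id in the other response-header hunks of this cassette. Nothing in the visible lines suggests replay depends on these values, so they could be replaced with placeholders at record time. Assuming the cassette is produced by vcrpy, a `before_record_response` hook could rewrite `emailAddress`/`accountId` and drop `X-Aaccountid`. Most request headers fall outside these hunks, so it is also worth confirming that `Authorization` is scrubbed, e.g. `filter_headers=["authorization"]`.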
@@ -7305,12 +7601,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 90e6857e-afb4-46c5-98aa-c6b22411c647 + - 3102e328-9341-48c0-87f1-fac846f0479f Atl-Traceid: - - 90e6857eafb446c598aac6b22411c647 + - 3102e328934148c087f1fac846f0479f Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7320,7 +7616,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:36 GMT + - Tue, 04 Nov 2025 18:02:38 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7330,7 +7626,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=430,atl-edge;dur=428,atl-edge-internal;dur=14,atl-edge-upstream;dur=413,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="TrH92-xsGIhpkPxjnshiaI50r82dUkzOZzXH__n0fF7FIb3z97HiiQ==",cdn-downstream-fbl;dur=434 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=272,atl-edge;dur=249,atl-edge-internal;dur=17,atl-edge-upstream;dur=233,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="Q1yTY_KYiQGdw1sg51d9MDHhbpncBiQ5GIhnYq8sNAZSvT35nIWIHA==",cdn-downstream-fbl;dur=275 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7340,15 +7636,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 6eb4925a459e5104745cfd7f77596766.cloudfront.net (CloudFront) + - 1.1 be287e7673276d1e72db92a6f145d6f0.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - TrH92-xsGIhpkPxjnshiaI50r82dUkzOZzXH__n0fF7FIb3z97HiiQ== + - Q1yTY_KYiQGdw1sg51d9MDHhbpncBiQ5GIhnYq8sNAZSvT35nIWIHA== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P1 X-Arequestid: - - caa2dcecdf3d639f1145c994770919c0 + - 87efe3c9a1d9479690e8f6a2afc128de + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7372,17 +7672,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:37.493+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:38.634+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - a92d6525-f637-4578-a429-0bc3aacab9ac + - f09f13bb-6bff-4e89-b9b2-27496af5197e Atl-Traceid: - - a92d6525f6374578a4290bc3aacab9ac + - f09f13bb6bff4e89b9b227496af5197e Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7392,7 +7692,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:37 GMT + - Tue, 04 Nov 2025 18:02:38 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7402,7 +7702,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=325,atl-edge;dur=323,atl-edge-internal;dur=14,atl-edge-upstream;dur=309,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="S9VD-wsJipitOgc74rj5qQigBcwEgjhVLk3wo0G9do61rDst6J6NsQ==",cdn-downstream-fbl;dur=328 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=194,atl-edge;dur=171,atl-edge-internal;dur=14,atl-edge-upstream;dur=157,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="yxQ51jK65LA7XZPIWd5HhQ-XmUXZS62bxZr7SnScQq_IXmUlcR-R-Q==",cdn-downstream-fbl;dur=199 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7412,15 +7712,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 2db2695e7e4ed9660f2422e6ea5c01e4.cloudfront.net (CloudFront) + - 1.1 d1f45df4933065053cea3fd574dc6f20.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - S9VD-wsJipitOgc74rj5qQigBcwEgjhVLk3wo0G9do61rDst6J6NsQ== + - yxQ51jK65LA7XZPIWd5HhQ-XmUXZS62bxZr7SnScQq_IXmUlcR-R-Q== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P1 X-Arequestid: - - 27cdec19431783f2459745f27f8840a0 + - 7a28763ee8b48feccc860cc348673990 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '347' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -7444,7 +7748,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -7458,9 +7762,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - 558cb70a-406b-4b35-b284-2748c7e33752 + - 9f121170-5613-49b2-9458-36faa4027b83 Atl-Traceid: - - 558cb70a406b4b35b2842748c7e33752 + - 9f121170561349b2945836faa4027b83 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7470,7 +7774,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:39 GMT + - Tue, 04 Nov 2025 18:02:39 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -7480,7 +7784,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=508,atl-edge;dur=507,atl-edge-internal;dur=19,atl-edge-upstream;dur=488,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="InwEorUHv5Mq8QQG8hUpNCE4Fg0lsF8_YS2pVQK5LgeHXUsahWqn5Q==",cdn-downstream-fbl;dur=512 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=377,atl-edge;dur=353,atl-edge-internal;dur=23,atl-edge-upstream;dur=325,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="rjavgbg41Lw3jUfrFCPvDVqm_0Kd6HGOUfIiAMaZRKUcB5-F7hWpsw==",cdn-downstream-fbl;dur=380 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -7490,18 +7794,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront) + - 1.1 88bce767af5e31f726ade38ea5253bd4.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - InwEorUHv5Mq8QQG8hUpNCE4Fg0lsF8_YS2pVQK5LgeHXUsahWqn5Q== + - rjavgbg41Lw3jUfrFCPvDVqm_0Kd6HGOUfIiAMaZRKUcB5-F7hWpsw== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P2 X-Arequestid: - - 0ed9cb8e7dc240b0707dd60d4bb5d3f4 + - 5d7b16c4113abcc24cb4933892410004 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7514,11 +7822,11 @@ interactions: - request: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Jira Api Test 2", "description": "\n\n\n\n\n\n\n*Title*: [Jira Api - Test 2|http://localhost:8080/finding/252]\n\n*Defect Dojo link:* http://localhost:8080/finding/252 - (252)\n\n*Severity:* Medium\n\n\n*Due Date:* Oct. 23, 2025\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* + Test 2|http://localhost:8080/finding/240]\n\n*Defect Dojo link:* http://localhost:8080/finding/240 + (240)\n\n*Severity:* Medium\n\n\n*Due Date:* Feb. 2, 2026\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n*Product/Engagement/Test:* [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable + / [NPM Audit Scan|http://localhost:8080/test/92]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable Component*: negotiator - 0.5.3\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service attacks, which trigger upon parsing a specially crafted `Accept-Language` header 
@@ -7537,21 +7845,21 @@ interactions: Connection: - keep-alive Content-Length: - - '1445' + - '1444' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: POST uri: https://defectdojo.atlassian.net/rest/api/2/issue response: body: - string: '{"id":"21269","key":"NTEST-3090","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21269"}' + string: '{"id":"23616","key":"NTEST-3175","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616"}' headers: Atl-Request-Id: - - 3ff63dc5-ebcd-4ac4-a2c8-d5f24927ba42 + - 6b2750a9-1062-4dc5-b3ec-61f0097a0872 Atl-Traceid: - - 3ff63dc5ebcd4ac4a2c8d5f24927ba42 + - 6b2750a910624dc5b3ec61f0097a0872 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7559,7 +7867,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:40 GMT + - Tue, 04 Nov 2025 18:02:40 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -7569,7 +7877,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=860,atl-edge;dur=858,atl-edge-internal;dur=13,atl-edge-upstream;dur=845,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="RtrZz_FglFXJZkS5BAOBPwdXJU23BXlvAFFM0NZhZrMA-4c03Vatdg==",cdn-downstream-fbl;dur=864 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=726,atl-edge;dur=703,atl-edge-internal;dur=14,atl-edge-upstream;dur=688,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="tnaIJlYR3CEPOa40bygU6PTgmnQMkfQNisxxl2V6s5tH_crOqMjSnA==",cdn-downstream-fbl;dur=729 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -7579,15 +7887,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 74ae22067fef6f6228fb9f864f22f58a.cloudfront.net (CloudFront) + - 1.1 21d788b44c2b3d335a275c07a54548b6.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - RtrZz_FglFXJZkS5BAOBPwdXJU23BXlvAFFM0NZhZrMA-4c03Vatdg== + - tnaIJlYR3CEPOa40bygU6PTgmnQMkfQNisxxl2V6s5tH_crOqMjSnA== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P3 X-Arequestid: - - c92f0bdd5bb87393e5f7f4bdf2aa9fbb + - a2f8f1918bc73d63154c68803bf11a34 + X-Beta-Ratelimit-Limit: + - '200' + X-Beta-Ratelimit-Remaining: + - '199' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7611,23 +7923,23 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3090 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21269","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21269","key":"NTEST-3090","fields":{"statuscategorychangedate":"2025-07-25T21:04:40.572+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23616","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616","key":"NTEST-3175","fields":{"statuscategorychangedate":"2025-11-04T19:02:39.969+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3090/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3090/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:04:40.315+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i0129b:","updated":"2025-07-25T21:04:40.391+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n*Title*: - [Jira Api Test 2|http://localhost:8080/finding/252]\n\n*Defect Dojo link:* - http://localhost:8080/finding/252 (252)\n\n*Severity:* Medium\n\n\n*Due Date:* - Oct. 
23, 2025\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* + Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:39.717+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sv:","updated":"2025-11-04T19:02:39.806+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n*Title*: + [Jira Api Test 2|http://localhost:8080/finding/240]\n\n*Defect Dojo link:* + http://localhost:8080/finding/240 (240)\n\n*Severity:* Medium\n\n\n*Due Date:* + Feb. 
2, 2026\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n*Product/Engagement/Test:* [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable + / [NPM Audit Scan|http://localhost:8080/test/92]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable Component*: negotiator - 0.5.3\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service attacks, which trigger upon parsing a specially crafted `Accept-Language` 
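Review bot: The re-recorded response body in this hunk commits a real user's Atlassian `accountId`, `emailAddress` and Gravatar avatar hash in the `creator` and `reporter` objects. The same values recur in the hunk at -7703, and the `X-Aaccountid` response header carries the account id in the hunks at -7579, -7671, -7763 and -7835. The old side had the same exposure for a different account, so every re-record publishes whichever identity ran the tests. If these cassettes are recorded with vcrpy (the recorder configuration is not visible here), a `before_record_response` hook could rewrite those fields to constructed placeholders such as `"emailAddress":"user@example.invalid"` and drop `X-Aaccountid`, provided the tests do not assert on them during replay.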
@@ -7636,12 +7948,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Jira - Api Test 2","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21269/comment","maxResults":0,"total":0,"startAt":0}}}' + Api Test 2","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 1e437d4a-13ba-4797-8c2c-01cc924355be + - 6ccf0ef9-fd9b-4432-bf8a-2e8f11fba7c9 Atl-Traceid: - - 1e437d4a13ba47978c2c01cc924355be + - 6ccf0ef9fd9b4432bf8a2e8f11fba7c9 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7651,7 +7963,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:42 GMT + - Tue, 04 Nov 2025 18:02:40 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7661,7 +7973,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=419,atl-edge;dur=415,atl-edge-internal;dur=15,atl-edge-upstream;dur=401,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="8S9VyLGINImlpiJ4j3ubGhUv1o-g2BZTO1ciTKeoKIhk-spvxidtsg==",cdn-downstream-fbl;dur=422 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=266,atl-edge;dur=242,atl-edge-internal;dur=18,atl-edge-upstream;dur=224,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="e02RKJIW0cRX3HMIMmt_45NvZh27FVNFbnXcy8k50hy-CEBTgRcZcA==",cdn-downstream-fbl;dur=269 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7671,15 +7983,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 55d9a4fa548a24d777eff07223b71680.cloudfront.net (CloudFront) + - 1.1 88bce767af5e31f726ade38ea5253bd4.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 8S9VyLGINImlpiJ4j3ubGhUv1o-g2BZTO1ciTKeoKIhk-spvxidtsg== + - e02RKJIW0cRX3HMIMmt_45NvZh27FVNFbnXcy8k50hy-CEBTgRcZcA== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN52-P2 X-Arequestid: - - f5a71836d563244e63980c37fb2f6ca9 + - 709529d7d52f54071c194da2384bf701 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7703,23 +8019,23 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21269 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23616 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21269","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21269","key":"NTEST-3090","fields":{"statuscategorychangedate":"2025-07-25T21:04:40.572+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23616","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616","key":"NTEST-3175","fields":{"statuscategorychangedate":"2025-11-04T19:02:39.969+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3090/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3090/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:04:40.315+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i0129b:","updated":"2025-07-25T21:04:40.391+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n*Title*: - [Jira Api Test 2|http://localhost:8080/finding/252]\n\n*Defect Dojo link:* - http://localhost:8080/finding/252 (252)\n\n*Severity:* Medium\n\n\n*Due Date:* - Oct. 
23, 2025\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* + Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:39.717+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sv:","updated":"2025-11-04T19:02:39.806+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n*Title*: + [Jira Api Test 2|http://localhost:8080/finding/240]\n\n*Defect Dojo link:* + http://localhost:8080/finding/240 (240)\n\n*Severity:* Medium\n\n\n*Due Date:* + Feb. 
2, 2026\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n*Product/Engagement/Test:* [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable + / [NPM Audit Scan|http://localhost:8080/test/92]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable Component*: negotiator - 0.5.3\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service attacks, which trigger upon parsing a specially crafted `Accept-Language` 
@@ -7728,12 +8044,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Jira - Api Test 2","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21269/comment","maxResults":0,"total":0,"startAt":0}}}' + Api Test 2","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - fb8865a9-de6a-4547-a248-930797f23e07 + - 6d8fec0e-0266-4452-b189-fde910fcf29f Atl-Traceid: - - fb8865a9de6a4547a248930797f23e07 + - 6d8fec0e02664452b189fde910fcf29f Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7743,7 +8059,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:43 GMT + - Tue, 04 Nov 2025 18:02:40 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7753,7 +8069,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=469,atl-edge;dur=463,atl-edge-internal;dur=14,atl-edge-upstream;dur=449,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="a3rdhYDpzMwSNC6jvjUr4M2CXOtIOOh0QohccCR7cp9FjONsyPwEog==",cdn-downstream-fbl;dur=472 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=296,atl-edge;dur=273,atl-edge-internal;dur=15,atl-edge-upstream;dur=258,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="asmmql3a2Z0pcoxmf8Cmcy0y3dp_rm8faaNSwJktAl0ZSrkNcIt3ew==",cdn-downstream-fbl;dur=300 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7763,15 +8079,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 928b9a46c60991369db0a5ad58525eca.cloudfront.net (CloudFront) + - 1.1 be287e7673276d1e72db92a6f145d6f0.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - a3rdhYDpzMwSNC6jvjUr4M2CXOtIOOh0QohccCR7cp9FjONsyPwEog== + - asmmql3a2Z0pcoxmf8Cmcy0y3dp_rm8faaNSwJktAl0ZSrkNcIt3ew== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P1 X-Arequestid: - - 445f55695c3f1a6427629d1277c30b3e + - 1b1113d26dbfc8e11c2df4be6693a6a0 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7795,17 +8115,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:44.560+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:41.075+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - 334df33b-9edc-4b6a-9044-404dc9ff5c7e + - 016d8ff3-a43f-4d81-bf8e-f691137c58f5 Atl-Traceid: - - 334df33b9edc4b6a9044404dc9ff5c7e + - 016d8ff3a43f4d81bf8ef691137c58f5 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7815,7 +8135,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:44 GMT + - Tue, 04 Nov 2025 18:02:41 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7825,7 +8145,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=322,atl-edge;dur=320,atl-edge-internal;dur=13,atl-edge-upstream;dur=307,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="debpY1WfxssrkEHM0QHsfwcH89vPuIJJhE7HDcaNpP0oY3kdbF_Y7w==",cdn-downstream-fbl;dur=326 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=192,atl-edge;dur=170,atl-edge-internal;dur=17,atl-edge-upstream;dur=153,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="lTP-q8vlhlkRdbHTgDAY4oyfp4jlIQNqeJ9ibJAq6z0rCuWXZpTYiQ==",cdn-downstream-fbl;dur=196 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7835,15 +8155,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 4ab519b4cd27a1b8a4b258d7f39bbc7e.cloudfront.net (CloudFront) + - 1.1 56a79b3a2ac1e2942686c2337f96fb72.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - debpY1WfxssrkEHM0QHsfwcH89vPuIJJhE7HDcaNpP0oY3kdbF_Y7w== + - lTP-q8vlhlkRdbHTgDAY4oyfp4jlIQNqeJ9ibJAq6z0rCuWXZpTYiQ== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P3 X-Arequestid: - - 475713f08235ad2ff4d6d2ba6bfc5db0 + - 5d06f50f5ef93cbde9fa1e577883230d + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -7867,32 +8191,32 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:30.923+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:36.581+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:30.922+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:36.580+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 
23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -7902,8 +8226,8 @@ interactions: CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
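Review bot: The re-recorded response body for `GET .../rest/api/2/issue/23615` commits the recording user's Jira profile into the fixture: `emailAddress`, `displayName`, `accountId` and the Gravatar hash under both `creator` and `reporter`. The `X-Aaccountid` response header in the surrounding hunks carries the same account id. Nothing visible in the hunk suggests a test depends on these values, so they could be scrubbed at record time. If the cassettes are recorded with vcrpy, a `before_record_response` hook could replace those body fields with fixed placeholders and drop `X-Aaccountid`. That would keep personal identifiers out of the repository and stop re-recordings from changing these lines whenever a different maintainer runs them.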
@@ -7914,12 +8238,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - d7727416-2f0f-4158-9dca-a570b84d955c + - 8a0885a3-64ab-454b-b777-8ae81e3e2249 Atl-Traceid: - - d77274162f0f41589dcaa570b84d955c + - 8a0885a364ab454bb7778ae81e3e2249 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -7929,7 +8253,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:45 GMT + - Tue, 04 Nov 2025 18:02:41 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -7939,7 +8263,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=421,atl-edge;dur=419,atl-edge-internal;dur=16,atl-edge-upstream;dur=403,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="P2fw0vAE_ByCJA06lVzvMWZ2e7Zm3SfuVLW0fRrF_YRmCeQtdXebgA==",cdn-downstream-fbl;dur=425 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=264,atl-edge;dur=240,atl-edge-internal;dur=17,atl-edge-upstream;dur=224,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="Tz9Kl-gyfx0SS0anc4lJCHIJ93_ulSiq_VI82qKtKWxmLRU8m3F81A==",cdn-downstream-fbl;dur=270 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -7949,15 +8273,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 35202ecfee8e63e178de36be1b541f0e.cloudfront.net (CloudFront) + - 1.1 d4fb3448d1a8d3229dcf0a89f4bbe7e8.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - P2fw0vAE_ByCJA06lVzvMWZ2e7Zm3SfuVLW0fRrF_YRmCeQtdXebgA== + - Tz9Kl-gyfx0SS0anc4lJCHIJ93_ulSiq_VI82qKtKWxmLRU8m3F81A== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P2 X-Arequestid: - - 6087ab535e090eb6b59f4cfe7e9473e6 + - 644349756098d57ed8a5f63c0c3e9cb0 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '397' X-Cache: - Miss from cloudfront X-Content-Type-Options: @@ -7981,7 +8309,7 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -7995,9 +8323,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - 3da42546-ba13-4dda-866c-d20a84e16d01 + - cb94304c-b90d-475a-9408-02305effd22b Atl-Traceid: - - 3da42546ba134dda866cd20a84e16d01 + - cb94304cb90d475a940802305effd22b Cache-Control: - no-cache, no-store, no-transform Connection: @@ -8007,7 +8335,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:47 GMT + - Tue, 04 Nov 2025 18:02:41 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -8017,7 +8345,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=488,atl-edge;dur=486,atl-edge-internal;dur=18,atl-edge-upstream;dur=467,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="g3VtxXsBVYKSCmncnfkuvom0dsXco6WhYb5fb3ofDgmaFMQmM4U-0w==",cdn-downstream-fbl;dur=491 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=346,atl-edge;dur=323,atl-edge-internal;dur=23,atl-edge-upstream;dur=299,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="UnzuSKU2SzUmQRueawdpvO8eJVqoi7YWFHW1iQD1TkfFj4rl0M_GUQ==",cdn-downstream-fbl;dur=350 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -8027,18 +8355,22 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront) + - 1.1 2a3bfb7cadc3003297b11ce744cb58fa.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - g3VtxXsBVYKSCmncnfkuvom0dsXco6WhYb5fb3ofDgmaFMQmM4U-0w== + - UnzuSKU2SzUmQRueawdpvO8eJVqoi7YWFHW1iQD1TkfFj4rl0M_GUQ== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN53-P1 X-Arequestid: - - 65aafeda3bb6c77593484ef88e4ef9ad + - 7d2d0cd26a0660da11dba68d43e4bc1c + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -8052,22 +8384,22 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. - Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Jira - Api Test 2|http://localhost:8080/finding/252]|Active, Verified|\n\nFindings + Api Test 2|http://localhost:8080/finding/240]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 
0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -8076,9 +8408,9 @@ interactions: Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* - [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 2|http://localhost:8080/finding/252]\n*Defect - Dojo link:* http://localhost:8080/finding/252 (252)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 2|http://localhost:8080/finding/240]\n*Defect + Dojo link:* http://localhost:8080/finding/240 (240)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -8088,8 +8420,8 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of - Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n *CWE:* + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -8109,21 +8441,21 @@ interactions: Connection: - keep-alive Content-Length: - - '4766' + - '4764' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: PUT - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: string: '' headers: Atl-Request-Id: - - 79c255db-c503-4e0e-9b50-98a72ea9f541 + - ce61edb7-6706-4805-9ac1-1c30234c320a Atl-Traceid: - - 79c255dbc5034e0e9b5098a72ea9f541 + - ce61edb7670648059ac11c30234c320a Cache-Control: - no-cache, no-store, no-transform Connection: @@ -8131,7 +8463,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:49 GMT + - Tue, 04 Nov 2025 18:02:42 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -8141,7 +8473,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=733,atl-edge;dur=731,atl-edge-internal;dur=15,atl-edge-upstream;dur=715,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="hjfjevc-vaM4TywsXCu7UyrLHHu2t_9ShByAN4AX0QNqjlsvWJKHDw==",cdn-downstream-fbl;dur=736 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=562,atl-edge;dur=538,atl-edge-internal;dur=17,atl-edge-upstream;dur=520,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="cxl1rRHLiXOEFKy_eyIofdI3UZVoTxL4SWjH6xhTVVV7Kkzxk-aEow==",cdn-downstream-fbl;dur=568 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -8149,15 +8481,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 14d2e33ccccdcd865bebd3f59cd47112.cloudfront.net (CloudFront) + - 1.1 a827400055d7bbab6e387896737d4e50.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - hjfjevc-vaM4TywsXCu7UyrLHHu2t_9ShByAN4AX0QNqjlsvWJKHDw== + - cxl1rRHLiXOEFKy_eyIofdI3UZVoTxL4SWjH6xhTVVV7Kkzxk-aEow== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN52-P1 X-Arequestid: - - 8fa01f3c9597147842ac2981d47587b1 + - f7ad31b3894d785b676afb78dc128180 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -8181,34 +8517,34 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21268 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23615 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21268","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268","key":"NTEST-3089","fields":{"statuscategorychangedate":"2025-07-25T21:04:30.923+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23615","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615","key":"NTEST-3174","fields":{"statuscategorychangedate":"2025-11-04T19:02:36.581+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.u
s-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3089/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:03:00.443+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i01293:","updated":"2025-07-25T21:04:48.633+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3174/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:05.566+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sn:","updated":"2025-11-04T19:02:42.347+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/1] + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/37] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - Medium *Due Date:* Oct. 23, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + Medium *Due Date:* Feb. 2, 2026 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Medium|[CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]|[300|https://cwe.mitre.org/data/definitions/300.html]|negotiator|0.5.3|[2222Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Jira - Api Test 2|http://localhost:8080/finding/252]|Active, Verified|\n\nFindings + Api Test 2|http://localhost:8080/finding/240]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|Info|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|negotiator|0.5.3|[Regular - Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]|Active, + Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]|Active, Verified|\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. 
[2222Regular Expression - Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/247]\n*Defect - Dojo link:* http://localhost:8080/finding/247 (247)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
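Review bot: The re-recorded response body in this hunk commits the recording user's `emailAddress`, Atlassian `accountId` and Gravatar avatar hash into the cassette in both the `creator` and `reporter` objects. The same identity appears in the newly added `issue/23616` interaction further down, and the account id also appears in the `X-Aaccountid` response header in the neighbouring header hunks. If the tests replaying this cassette do not assert on those fields (worth confirming), scrub them at record time with a vcrpy response hook, for example `before_record_response=scrub_jira_identity` (hook name constructed here), replacing the values with fixed placeholders. A fixed placeholder would also stop each re-record from churning these lines whenever a different maintainer records. The request headers visible here carry no `Authorization` value, so credentials appear to be filtered already; the gap is only in the response side.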
@@ -8217,9 +8553,9 @@ interactions: 0.6.0\n Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n\n\n\n*Reporter:* - [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 2|http://localhost:8080/finding/252]\n*Defect - Dojo link:* http://localhost:8080/finding/252 (252)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 2|http://localhost:8080/finding/240]\n*Defect + Dojo link:* http://localhost:8080/finding/240 (240)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -8229,8 +8565,8 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial - of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/246]\n*Defect - Dojo link:* http://localhost:8080/finding/246 (246)\n*Severity:* Info\n\n + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/234]\n*Defect + Dojo link:* http://localhost:8080/finding/234 (234)\n*Severity:* Info\n\n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected 
@@ -8241,12 +8577,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21268/comment","maxResults":0,"total":0,"startAt":0}}}' + in: negotiator:0.5.3","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23615/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 41f75419-75ea-4e95-9274-d6054ccfcee2 + - fadaa2e1-100d-4bbc-bdf3-5bf631e08237 Atl-Traceid: - - 41f7541975ea4e959274d6054ccfcee2 + - fadaa2e1100d4bbcbdf35bf631e08237 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -8256,7 +8592,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:50 GMT + - Tue, 04 Nov 2025 18:02:42 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -8266,7 +8602,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=393,atl-edge;dur=391,atl-edge-internal;dur=14,atl-edge-upstream;dur=377,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="o6eZVwPv2scLYyoRlTM6K9mZLCyQPV96x58jXdUjdbeIPV3JqDmUCA==",cdn-downstream-fbl;dur=396 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=301,atl-edge;dur=279,atl-edge-internal;dur=20,atl-edge-upstream;dur=253,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P3",cdn-rid;desc="RUbk1CdNKX7HoVgONK_ddfuDd6jvvT9KnT7lZdVli7qKkzR8gqxZCg==",cdn-downstream-fbl;dur=306 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -8276,15 +8612,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 3468af8a053b0ff241626aed87444af8.cloudfront.net (CloudFront) + - 1.1 acb55e8d2b8ad7df45561a8bccaaa688.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - o6eZVwPv2scLYyoRlTM6K9mZLCyQPV96x58jXdUjdbeIPV3JqDmUCA== + - RUbk1CdNKX7HoVgONK_ddfuDd6jvvT9KnT7lZdVli7qKkzR8gqxZCg== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN52-P3 X-Arequestid: - - 6e0ecef9f44c0d517568cd6ac2158cf7 + - af1bc4a4037d335a6067d2270f53a0af + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -8308,17 +8648,17 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo response: body: - string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100287,"buildDate":"2025-07-24T13:05:26.000+0200","serverTime":"2025-07-25T21:04:51.489+0200","scmInfo":"0139ea21e0f8b5dafbd2e1eb33923e0c468b7f69","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + string: '{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:43.167+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' headers: Atl-Request-Id: - - e2085fbb-1341-4f29-bf85-c446fb3fcd02 + - 15ee5d90-3231-41f0-b2c3-892b9bb8b695 Atl-Traceid: - - e2085fbb13414f29bf85c446fb3fcd02 + - 15ee5d90323141f0b2c3892b9bb8b695 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -8328,7 +8668,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:51 GMT + - Tue, 04 Nov 2025 18:02:43 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -8338,7 +8678,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=325,atl-edge;dur=322,atl-edge-internal;dur=14,atl-edge-upstream;dur=309,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="gIr-iFP9i0541dGmMb_zIdQDC-Uw48LIoTvzsxURrG-4K3LgxT430Q==",cdn-downstream-fbl;dur=329 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=195,atl-edge;dur=171,atl-edge-internal;dur=17,atl-edge-upstream;dur=154,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="nExqnuGvnhpuFvjIy1W6iJ9uj_BtDk-SYXS4-1rwhyo3o8yRTibDDw==",cdn-downstream-fbl;dur=198 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -8348,15 +8688,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 505047c0efc37a1900f1288c6f749f90.cloudfront.net (CloudFront) + - 1.1 6d3c3e0af3263a7b3c6878f2fa9bbff6.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - gIr-iFP9i0541dGmMb_zIdQDC-Uw48LIoTvzsxURrG-4K3LgxT430Q== + - nExqnuGvnhpuFvjIy1W6iJ9uj_BtDk-SYXS4-1rwhyo3o8yRTibDDw== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN53-P1 X-Arequestid: - - b2186f1b9bb669695fe7afc1b3c96f73 + - 7f1d87d441b373a938bc920152a2ec43 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -8380,7 +8724,103 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23616 + response: + body: + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23616","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616","key":"NTEST-3175","fields":{"statuscategorychangedate":"2025-11-04T19:02:39.969+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:39.717+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sv:","updated":"2025-11-04T19:02:39.806+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n*Title*: + [Jira Api Test 2|http://localhost:8080/finding/240]\n\n*Defect Dojo link:* + http://localhost:8080/finding/240 (240)\n\n*Severity:* Medium\n\n\n*Due Date:* + Feb. 
2, 2026\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* + [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n*Product/Engagement/Test:* + [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/92]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable + Component*: negotiator - 0.5.3\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` + header value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= + 0.6.0\n Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 + or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* + [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Jira + Api Test 2","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616/comment","maxResults":0,"total":0,"startAt":0}}}' + headers: + Atl-Request-Id: + - 4805d705-c762-4bef-9534-74f236add184 + Atl-Traceid: + - 4805d705c7624bef953474f236add184 + Cache-Control: + - no-cache, no-store, no-transform + Connection: + - keep-alive + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - 
Tue, 04 Nov 2025 18:02:43 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=289,atl-edge;dur=265,atl-edge-internal;dur=18,atl-edge-upstream;dur=247,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="Zi4DV03f3prUN_qAqPJO9_YD7e3Fvw04xjDtLQBDnybyYknn8nf3aA==",cdn-downstream-fbl;dur=292 + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Via: + - 1.1 81677ea21ca4917e071a8c310dd9130c.cloudfront.net (CloudFront) + X-Aaccountid: + - 5d3878b170e3c90c952f91f6 + X-Amz-Cf-Id: + - Zi4DV03f3prUN_qAqPJO9_YD7e3Fvw04xjDtLQBDnybyYknn8nf3aA== + X-Amz-Cf-Pop: + - DEN53-P3 + X-Arequestid: + - 1a2e9b1564b19619e2747681e843e1a1 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' + X-Cache: + - Miss from cloudfront + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.5 method: GET uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields response: 
@@ -8394,9 +8834,9 @@ interactions: Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' headers: Atl-Request-Id: - - c7f7eef2-a4a8-4401-9b32-a3fb7852c212 + - c9481dbb-3484-4690-bf94-d3f810005d81 Atl-Traceid: - - c7f7eef2a4a844019b32a3fb7852c212 + - c9481dbb34844690bf94d3f810005d81 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -8406,7 +8846,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:53 GMT + - Tue, 04 Nov 2025 18:02:43 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -8416,7 +8856,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=1,cdn-upstream-fbl;dur=498,atl-edge;dur=491,atl-edge-internal;dur=15,atl-edge-upstream;dur=476,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P1",cdn-rid;desc="c3jrIl76pD3jkJ10SQGq4HzUs6BJg8nRLkJBjdFKSpvAQR-aEh-DOg==",cdn-downstream-fbl;dur=501 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=327,atl-edge;dur=305,atl-edge-internal;dur=20,atl-edge-upstream;dur=285,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P2",cdn-rid;desc="DDNJSELk2umNkLUpRl83Ri-Wqk7IZ_UfCdDwOHouvM4q9vJl-nhcFQ==",cdn-downstream-fbl;dur=331 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: 
@@ -8426,18 +8866,367 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront) + - 1.1 a42ce842e0f60814700ead82353e9f08.cloudfront.net (CloudFront) Warning: - 'The issue create meta endpoint has been deprecated. (Deprecation start date: June 03, 2024)' X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - c3jrIl76pD3jkJ10SQGq4HzUs6BJg8nRLkJBjdFKSpvAQR-aEh-DOg== + - DDNJSELk2umNkLUpRl83Ri-Wqk7IZ_UfCdDwOHouvM4q9vJl-nhcFQ== X-Amz-Cf-Pop: - - SYD62-P1 + - DEN52-P2 X-Arequestid: - - 1b38381ffa2da6a261d14fa8a5862dcd + - 17931357cbd8d5561f50d4a6c5d51d92 + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' + X-Cache: + - Miss from cloudfront + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Jira Api Test 2", "description": "\n\n\n\n\n\n\n*Title*: [Jira Api + Test 2|http://localhost:8080/finding/240]\n\n*Defect Dojo link:* http://localhost:8080/finding/240 + (240)\n\n*Severity:* Medium\n\n\n*Due Date:* Feb. 
2, 2026\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* + [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n*Product/Engagement/Test:* + [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/92]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable + Component*: negotiator - 0.5.3\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '1426' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.5 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23616 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 42bbf820-b6e4-44be-82b7-c8fc9f825dc6 + Atl-Traceid: + - 42bbf820b6e444be82b7c8fc9f825dc6 + Cache-Control: + - no-cache, no-store, no-transform + Connection: + - keep-alive + Content-Type: + - application/json;charset=UTF-8 + Date: + - Tue, 04 Nov 2025 18:02:44 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": 
"https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=446,atl-edge;dur=354,atl-edge-internal;dur=20,atl-edge-upstream;dur=331,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="1zwYeyeyM5h3EcErX6VDA1L8AtPCV6shNb2x90yUvQ3qj5NIVdvUEg==",cdn-downstream-fbl;dur=449 + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + Via: + - 1.1 979fd411be7856884369a8fd4e9bff60.cloudfront.net (CloudFront) + X-Aaccountid: + - 5d3878b170e3c90c952f91f6 + X-Amz-Cf-Id: + - 1zwYeyeyM5h3EcErX6VDA1L8AtPCV6shNb2x90yUvQ3qj5NIVdvUEg== + X-Amz-Cf-Pop: + - DEN53-P1 + X-Arequestid: + - 250615aeabcfbe557737065a62c1a215 + X-Beta-Ratelimit-Limit: + - '300' + X-Beta-Ratelimit-Remaining: + - '299' + X-Cache: + - Miss from cloudfront + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.5 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23616 + response: + body: + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23616","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616","key":"NTEST-3175","fields":{"statuscategorychangedate":"2025-11-04T19:02:39.969+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%
2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3175/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:39.717+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013sv:","updated":"2025-11-04T19:02:39.806+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n*Title*: + [Jira Api Test 2|http://localhost:8080/finding/240]\n\n*Defect Dojo link:* + http://localhost:8080/finding/240 (240)\n\n*Severity:* Medium\n\n\n*Due Date:* + Feb. 
2, 2026\n\n\n\n*CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html]\n\n\n\n*CVE:* + [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n*Product/Engagement/Test:* + [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/92]\n\n\n\n\n\n\n\n\n\n\n\n*Vulnerable + Component*: negotiator - 0.5.3\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` + header value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= + 0.6.0\n Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 + or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* + [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Jira + Api Test 2","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23616/comment","maxResults":0,"total":0,"startAt":0}}}' + headers: + Atl-Request-Id: + - ba8d4084-be1d-41a8-b845-11eeaae5fbf8 + Atl-Traceid: + - ba8d4084be1d41a8b84511eeaae5fbf8 + Cache-Control: + - no-cache, no-store, no-transform + Connection: + - keep-alive + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - 
Tue, 04 Nov 2025 18:02:44 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=285,atl-edge;dur=261,atl-edge-internal;dur=20,atl-edge-upstream;dur=241,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="p0w-2Wu461GEaaUAAuGKKMTPDFg3gy68nanm9VTBubulSlIWx76EjA==",cdn-downstream-fbl;dur=289 + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Via: + - 1.1 96b078df4a5d96ad3cc52cfe9d984774.cloudfront.net (CloudFront) + X-Aaccountid: + - 5d3878b170e3c90c952f91f6 + X-Amz-Cf-Id: + - p0w-2Wu461GEaaUAAuGKKMTPDFg3gy68nanm9VTBubulSlIWx76EjA== + X-Amz-Cf-Pop: + - DEN52-P1 + X-Arequestid: + - 303423a52da482af79f56c2902e4ae4d + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' + X-Cache: + - Miss from cloudfront + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.5 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: 
'{"baseUrl":"https://defectdojo.atlassian.net","displayUrl":"https://defectdojo.atlassian.net","displayUrlServicedeskHelpCenter":"https://defectdojo.atlassian.net","displayUrlCSMHelpSeeker":"https://defectdojo.atlassian.net","displayUrlConfluence":"https://defectdojo.atlassian.net","version":"1001.0.0-SNAPSHOT","versionNumbers":[1001,0,0],"deploymentType":"Cloud","buildNumber":100290,"buildDate":"2025-11-03T11:21:33.000+0100","serverTime":"2025-11-04T19:02:45.170+0100","scmInfo":"c7faf2d76294a838eccb8baf436ee325c9a178b7","serverTitle":"Jira","defaultLocale":{"locale":"en_US"},"serverTimeZone":"Etc/UTC"}' + headers: + Atl-Request-Id: + - 578f99f1-7db0-4a70-900a-d2fe9ab5dc21 + Atl-Traceid: + - 578f99f17db04a70900ad2fe9ab5dc21 + Cache-Control: + - no-cache, no-store, no-transform + Connection: + - keep-alive + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Tue, 04 Nov 2025 18:02:45 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=209,atl-edge;dur=186,atl-edge-internal;dur=19,atl-edge-upstream;dur=167,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="tHbo3eG0ebfklHCicGGPg8lN1TzwCNFvJ8-oxnY5mfHt19cZzJDaog==",cdn-downstream-fbl;dur=214 + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Via: + - 1.1 2bdc0b4100727fdf0a312e81266d0496.cloudfront.net (CloudFront) + X-Aaccountid: + - 5d3878b170e3c90c952f91f6 + X-Amz-Cf-Id: + - tHbo3eG0ebfklHCicGGPg8lN1TzwCNFvJ8-oxnY5mfHt19cZzJDaog== + X-Amz-Cf-Pop: + - DEN53-P3 + 
X-Arequestid: + - a29488c93f08409502186ecb3eacf80e + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' + X-Cache: + - Miss from cloudfront + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.5 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: '{"expand":"projects","projects":[{"expand":"issuetypes","self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"},"issuetypes":[{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","untranslatedName":"Task","subtask":false,"hierarchyLevel":0,"expand":"fields","fields":{"summary":{"required":true,"schema":{"type":"string","system":"summary"},"name":"Summary","key":"summary","hasDefaultValue":false,"operations":["set"]},"issuetype":{"required":true,"schema":{"type":"issuetype","system":"issuetype"},"name":"Issue + 
Type","key":"issuetype","hasDefaultValue":false,"operations":[],"allowedValues":[{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0}]},"parent":{"required":false,"schema":{"type":"issuelink","system":"parent"},"name":"Parent","key":"parent","hasDefaultValue":false,"operations":["set"]},"components":{"required":false,"schema":{"type":"array","items":"component","system":"components"},"name":"Components","key":"components","hasDefaultValue":false,"operations":["add","set","remove"],"allowedValues":[]},"description":{"required":false,"schema":{"type":"string","system":"description"},"name":"Description","key":"description","hasDefaultValue":false,"operations":["set"]},"project":{"required":true,"schema":{"type":"project","system":"project"},"name":"Project","key":"project","hasDefaultValue":false,"operations":["set"],"allowedValues":[{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}}]},"fixVersions":{"required":false,"schema":{"type":"array","items":"version","system":"fixVersions"},"name":"Fix + 
versions","key":"fixVersions","hasDefaultValue":false,"operations":["set","add","remove"],"allowedValues":[]},"priority":{"required":false,"schema":{"type":"priority","system":"priority"},"name":"Priority","key":"priority","hasDefaultValue":true,"operations":["set"],"allowedValues":[{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/1","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/highest_new.svg","name":"Highest","id":"1"},{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"},{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/4","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/low_new.svg","name":"Low","id":"4"},{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/5","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/lowest_new.svg","name":"Lowest","id":"5"}],"defaultValue":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/3","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/medium_new.svg","name":"Medium","id":"3"}},"customfield_10014":{"required":false,"schema":{"type":"any","custom":"com.pyxis.greenhopper.jira:gh-epic-link","customId":10014},"name":"Epic + 
Link","key":"customfield_10014","hasDefaultValue":false,"operations":["set"]},"labels":{"required":false,"schema":{"type":"array","items":"string","system":"labels"},"name":"Labels","key":"labels","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/1.0/labels/suggest?query=","hasDefaultValue":false,"operations":["add","set","remove"]},"attachment":{"required":false,"schema":{"type":"array","items":"attachment","system":"attachment"},"name":"Attachment","key":"attachment","hasDefaultValue":false,"operations":["set","copy"]},"issuelinks":{"required":false,"schema":{"type":"array","items":"issuelinks","system":"issuelinks"},"name":"Linked + Issues","key":"issuelinks","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/issue/picker?currentProjectId=&showSubTaskParent=true&showSubTasks=true¤tIssueKey=null&query=","hasDefaultValue":false,"operations":["add","copy"]},"assignee":{"required":false,"schema":{"type":"user","system":"assignee"},"name":"Assignee","key":"assignee","autoCompleteUrl":"https://defectdojo.atlassian.net/rest/api/2/user/assignable/search?project=NTEST&query=","hasDefaultValue":false,"operations":["set"]}}}]}]}' + headers: + Atl-Request-Id: + - ff32b5a4-2422-46ac-8447-e342cc6e2062 + Atl-Traceid: + - ff32b5a4242246ac8447e342cc6e2062 + Cache-Control: + - no-cache, no-store, no-transform + Connection: + - keep-alive + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Tue, 04 Nov 2025 18:02:45 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - 
cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=22,cdn-upstream-fbl;dur=420,atl-edge;dur=330,atl-edge-internal;dur=16,atl-edge-upstream;dur=315,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="74gmyUqMquXx1vgaHYr1TdpQ-I-b8beTkc_fRt92BNZoTz4GtA5mlw==",cdn-downstream-fbl;dur=424 + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Via: + - 1.1 81677ea21ca4917e071a8c310dd9130c.cloudfront.net (CloudFront) + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 5d3878b170e3c90c952f91f6 + X-Amz-Cf-Id: + - 74gmyUqMquXx1vgaHYr1TdpQ-I-b8beTkc_fRt92BNZoTz4GtA5mlw== + X-Amz-Cf-Pop: + - DEN53-P3 + X-Arequestid: + - 1da609fd3ace7576038c6d755d42a2ef + X-Beta-Ratelimit-Limit: + - '350' + X-Beta-Ratelimit-Remaining: + - '349' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
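Review bot: The response bodies recorded in this hunk for `GET /rest/api/2/issue/23616` keep the recording account's real `emailAddress` (`cody@defectdojo.com`), display name, gravatar hash and `accountId` in the `creator` and `reporter` objects. Every added response also carries the same id in `X-Aaccountid`, and that header appears in the neighbouring hunks of this cassette too. No `Authorization` or cookie header is visible in the recorded requests, so credential filtering appears to be in place, but the identity fields are not covered by it. If these cassettes are recorded with vcrpy, I would scrub them at record time with a `before_record_response` hook plus a response-header filter, so the fixture stores constructed placeholders such as `"emailAddress":"user@example.com"` and `X-Aaccountid: - REDACTED`. Replay should be unaffected as long as no test asserts on those values, which is worth confirming before re-recording.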
@@ -8451,30 +9240,31 @@ interactions: body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, "summary": "Findings in: pg:5.1.0", "description": "\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: - [Findings in: pg:5.1.0|http://localhost:8080/finding_group/2] in [Security How-to|http://localhost:8080/product/2] - / [1st Quarter Engagement|http://localhost:8080/engagement/1] / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. - Summary\n*Severity:* High *Due Date:* Aug. 24, 2025 \n\nFindings matching the - Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component - || Version || Title || Status ||\n|High|[CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]|[94|https://cwe.mitre.org/data/definitions/94.html]|pg|5.1.0|[Remote + [Findings in: pg:5.1.0|http://localhost:8080/finding_group/38] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 
4, 2025 \n\nFindings matching the Active, Verified and + Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title + || Status ||\n|High|[CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]|[94|https://cwe.mitre.org/data/definitions/94.html]|pg|5.1.0|[Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 - < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/248]|Active, + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]|Active, Verified|\n|Medium|[CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]|[94|https://cwe.mitre.org/data/definitions/94.html]|pg|5.1.0|[2222Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 - < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/250]|Active, + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/238]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|pg|0.5.3|[Jira - Api Test 3|http://localhost:8080/finding/253]|Active, Verified|\n\nFindings + Api Test 3|http://localhost:8080/finding/241]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 - < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/248]\n*Defect - Dojo link:* http://localhost:8080/finding/248 (248)\n*Severity:* High\n *Due - Date:* Aug. 
24, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]\n*Defect + Dojo link:* http://localhost:8080/finding/236 (236)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected versions of `pg` contain a remote code execution vulnerability that occurs when @@ -8504,8 +9294,8 @@ interactions: (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= - 7.1.0 < 7.1.2)|http://localhost:8080/finding/250]\n*Defect Dojo link:* http://localhost:8080/finding/250 - (250)\n*Severity:* Medium\n *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + 7.1.0 < 7.1.2)|http://localhost:8080/finding/238]\n*Defect Dojo link:* http://localhost:8080/finding/238 + (238)\n*Severity:* Medium\n *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected versions of `pg` contain a remote code execution vulnerability that occurs when 
@@ -8531,9 +9321,9 @@ interactions: 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n\n\n\n*Reporter:* - [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 3|http://localhost:8080/finding/253]\n*Defect - Dojo link:* http://localhost:8080/finding/253 (253)\n*Severity:* Medium\n *Due - Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 3|http://localhost:8080/finding/241]\n*Defect + Dojo link:* http://localhost:8080/finding/241 (241)\n*Severity:* Medium\n *Due + Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service @@ -8553,21 +9343,21 @@ interactions: Connection: - keep-alive Content-Length: - - '8237' + - '8234' Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: POST uri: https://defectdojo.atlassian.net/rest/api/2/issue response: body: - string: '{"id":"21270","key":"NTEST-3091","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21270"}' + string: '{"id":"23617","key":"NTEST-3176","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23617"}' headers: Atl-Request-Id: - - 4deb6aba-750f-411c-b4c8-ab3a57b7f7ab + - f0decc8b-9d30-43ca-8962-15389f495261 Atl-Traceid: - - 4deb6aba750f411cb4c8ab3a57b7f7ab + - f0decc8b9d3043ca896215389f495261 Cache-Control: - no-cache, no-store, no-transform Connection: 
@@ -8575,7 +9365,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:54 GMT + - Tue, 04 Nov 2025 18:02:46 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' @@ -8585,7 +9375,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=899,atl-edge;dur=897,atl-edge-internal;dur=15,atl-edge-upstream;dur=882,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P2",cdn-rid;desc="inYiqz7IWVRDefMFh9jiWnxh0KKvGDlWknPxOmQ21KoFtifLpXvNrA==",cdn-downstream-fbl;dur=903 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=818,atl-edge;dur=794,atl-edge-internal;dur=16,atl-edge-upstream;dur=777,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P1",cdn-rid;desc="bPrIcS5nR418--vXoG2RPlt8NsKTXTznFVHgCGJ6L5-zUjo7mCxgpw==",cdn-downstream-fbl;dur=823 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -8595,15 +9385,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront) + - 1.1 bd570b43eaed44365882fda303fb189c.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - inYiqz7IWVRDefMFh9jiWnxh0KKvGDlWknPxOmQ21KoFtifLpXvNrA== + - bPrIcS5nR418--vXoG2RPlt8NsKTXTznFVHgCGJ6L5-zUjo7mCxgpw== X-Amz-Cf-Pop: - - SYD62-P2 + - DEN53-P1 X-Arequestid: - - 0e7268f8ea6f5c09cf9357e84e5ab505 + - 295b36c1b9b4044f25dda9a9ae8b4a0e + X-Beta-Ratelimit-Limit: + - '200' + X-Beta-Ratelimit-Remaining: + - '199' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
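Review bot: The re-recorded response headers in the `@@ -8595,15 +9385,19 @@` hunk commit a real Atlassian account id under `X-Aaccountid`, and the same header recurs in `@@ -8768,15 +9562,19 @@`. The response bodies in `@@ -8627,43 +9421,43 @@` and `@@ -8800,43 +9598,43 @@` also carry the recording user's `emailAddress`, `displayName`, `accountId` and gravatar hash. The previous recording had the same kind of data, so this is not new, but each re-record publishes another person's identifiers, and the test presumably does not assert on them. The recorder configuration is not visible here; if the cassette is produced with vcrpy, I would add a `before_record_response` hook that drops `X-Aaccountid` and rewrites those JSON fields to constructed placeholders such as `"emailAddress":"user@example.invalid"`, then re-record. It is also worth confirming that no `Authorization` or cookie request headers are recorded elsewhere in the cassette.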
@@ -8627,43 +9421,43 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3091 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3176 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21270","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21270","key":"NTEST-3091","fields":{"statuscategorychangedate":"2025-07-25T21:04:54.773+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23617","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23617","key":"NTEST-3176","fields":{"statuscategorychangedate":"2025-11-04T19:02:46.464+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3091/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3091/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:04:54.523+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i0129j:","updated":"2025-07-25T21:04:54.626+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3176/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3176/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:46.206+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013t3:","updated":"2025-11-04T19:02:46.305+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: pg:5.1.0|http://localhost:8080/finding_group/2] + Group\n*Group*: [Findings in: pg:5.1.0|http://localhost:8080/finding_group/38] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]|[94|https://cwe.mitre.org/data/definitions/94.html]|pg|5.1.0|[Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 - < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/248]|Active, + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]|Active, Verified|\n|Medium|[CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]|[94|https://cwe.mitre.org/data/definitions/94.html]|pg|5.1.0|[2222Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 - < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/250]|Active, + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/238]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|pg|0.5.3|[Jira - Api Test 3|http://localhost:8080/finding/253]|Active, Verified|\n\nFindings + Api Test 3|http://localhost:8080/finding/241]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || 
CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 - < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/248]\n*Defect - Dojo link:* http://localhost:8080/finding/248 (248)\n*Severity:* High\n *Due - Date:* Aug. 24, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]\n*Defect + Dojo link:* http://localhost:8080/finding/236 (236)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected versions of `pg` contain a remote code execution vulnerability that occurs @@ -8693,9 +9487,9 @@ interactions: - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < - 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/250]\n*Defect - Dojo link:* http://localhost:8080/finding/250 (250)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/238]\n*Defect + Dojo link:* http://localhost:8080/finding/238 (238)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected versions of `pg` contain a remote code execution vulnerability that occurs 
@@ -8721,9 +9515,9 @@ interactions: to version 6.4.2 or later. ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n\n\n\n*Reporter:* - [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 3|http://localhost:8080/finding/253]\n*Defect - Dojo link:* http://localhost:8080/finding/253 (253)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 3|http://localhost:8080/finding/241]\n*Defect + Dojo link:* http://localhost:8080/finding/241 (241)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -8733,12 +9527,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: pg:5.1.0","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21270/comment","maxResults":0,"total":0,"startAt":0}}}' + in: pg:5.1.0","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23617/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - fd2b32a2-9948-41cd-88bf-6cbd1df98189 + - ae16c5fa-4eb5-45c7-9768-a228c2608bc2 Atl-Traceid: - - fd2b32a2994841cd88bf6cbd1df98189 + - ae16c5fa4eb545c79768a228c2608bc2 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -8748,7 +9542,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:56 GMT + - Tue, 04 Nov 2025 18:02:47 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -8758,7 +9552,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=408,atl-edge;dur=406,atl-edge-internal;dur=14,atl-edge-upstream;dur=392,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD62-P3",cdn-rid;desc="4XEfX4dJ5YBwAI6f_SnCh62tKrKvq7y21EwpkduMm4pqSHftmVvGiA==",cdn-downstream-fbl;dur=412 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=289,atl-edge;dur=265,atl-edge-internal;dur=35,atl-edge-upstream;dur=226,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN52-P1",cdn-rid;desc="9_rx9QRyZITZN524ptMviKyTCUzgQbP0Qurx0P9_PJG6MqQp5OUIew==",cdn-downstream-fbl;dur=293 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -8768,15 +9562,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 0462a83c1b4a9fa5a2554db6feb3a19c.cloudfront.net (CloudFront) + - 1.1 4c98f000f0c28d2e527e3c684f54be1e.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - 4XEfX4dJ5YBwAI6f_SnCh62tKrKvq7y21EwpkduMm4pqSHftmVvGiA== + - 9_rx9QRyZITZN524ptMviKyTCUzgQbP0Qurx0P9_PJG6MqQp5OUIew== X-Amz-Cf-Pop: - - SYD62-P3 + - DEN52-P1 X-Arequestid: - - 3a9d3e56327d95940564f0fcc0b23d6b + - 36f82e86b37e2bb4c9eb2e77bb770132 + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '399' X-Cache: - Miss from cloudfront X-Content-Type-Options: 
@@ -8800,43 +9598,43 @@ interactions: Content-Type: - application/json User-Agent: - - python-requests/2.32.4 + - python-requests/2.32.5 method: GET - uri: https://defectdojo.atlassian.net/rest/api/2/issue/21270 + uri: https://defectdojo.atlassian.net/rest/api/2/issue/23617 response: body: - string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"21270","self":"https://defectdojo.atlassian.net/rest/api/2/issue/21270","key":"NTEST-3091","fields":{"statuscategorychangedate":"2025-07-25T21:04:54.773+0200","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To + string: '{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations,customfield_10010.requestTypePractice","id":"23617","self":"https://defectdojo.atlassian.net/rest/api/2/issue/23617","key":"NTEST-3176","fields":{"statuscategorychangedate":"2025-11-04T19:02:46.464+0100","fixVersions":[],"statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To 
Do"},"resolution":null,"lastViewed":null,"customfield_10060":null,"customfield_10061":null,"customfield_10062":null,"customfield_10063":null,"customfield_10064":null,"customfield_10065":null,"customfield_10066":null,"priority":{"self":"https://defectdojo.atlassian.net/rest/api/2/priority/2","iconUrl":"https://defectdojo.atlassian.net/images/icons/priorities/high_new.svg","name":"High","id":"2"},"labels":[],"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"issuelinks":[],"assignee":null,"status":{"self":"https://defectdojo.atlassian.net/rest/api/2/status/10000","description":"","iconUrl":"https://defectdojo.atlassian.net/","name":"Backlog","id":"10000","statusCategory":{"self":"https://defectdojo.atlassian.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"To - Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-we
st-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5","accountId":"712020:292a8b4c-ebd5-44be-bb94-d07c56a14dc5","emailAddress":"valentijn@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","24x24":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","16x16":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png","32x32":"https://secure.gravatar.com/avatar/d05de848fe8cc7816c52a5e34e327bad?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FVS-3.png"},"displayName":"Valentijn - Scholten","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3091/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A - small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3091/watchers","watchCount":1,"isWatching":true},"created":"2025-07-25T21:04:54.523+0200","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i0129j:","updated":"2025-07-25T21:04:54.626+0200","timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA + 
Do"}},"components":[],"customfield_10050":null,"customfield_10051":null,"customfield_10053":null,"customfield_10055":null,"customfield_10056":null,"customfield_10057":null,"customfield_10058":null,"customfield_10059":null,"customfield_10049":null,"aggregatetimeestimate":null,"creator":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + 
Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"subtasks":[],"customfield_10040":null,"customfield_10041":null,"customfield_10042":null,"reporter":{"self":"https://defectdojo.atlassian.net/rest/api/2/user?accountId=5d3878b170e3c90c952f91f6","accountId":"5d3878b170e3c90c952f91f6","emailAddress":"cody@defectdojo.com","avatarUrls":{"48x48":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","24x24":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","16x16":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png","32x32":"https://secure.gravatar.com/avatar/4e018ad14467c87539bcb7052ffaef8c?d=https%3A%2F%2Favatar-management--avatars.us-west-2.prod.public.atl-paas.net%2Finitials%2FCM-0.png"},"displayName":"Cody + Maffucci","active":true,"timeZone":"Europe/Zurich","accountType":"atlassian"},"customfield_10043":null,"aggregateprogress":{"progress":0,"total":0},"customfield_10044":null,"customfield_10045":null,"customfield_10046":null,"customfield_10047":null,"customfield_10048":null,"customfield_10038":null,"customfield_10039":null,"progress":{"progress":0,"total":0},"votes":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3176/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"issuetype":{"self":"https://defectdojo.atlassian.net/rest/api/2/issuetype/10002","id":"10002","description":"A + small, distinct piece of 
work.","iconUrl":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium","name":"Task","subtask":false,"avatarId":10318,"hierarchyLevel":0},"timespent":null,"customfield_10030":null,"project":{"self":"https://defectdojo.atlassian.net/rest/api/2/project/10000","id":"10000","key":"NTEST","name":"Unittests","projectTypeKey":"software","simplified":false,"avatarUrls":{"48x48":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407","24x24":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=small","16x16":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=xsmall","32x32":"https://defectdojo.atlassian.net/rest/api/2/universal_avatar/view/type/project/avatar/10407?size=medium"}},"customfield_10031":null,"customfield_10032":null,"customfield_10033":null,"aggregatetimespent":null,"customfield_10035":null,"customfield_10036":null,"customfield_10037":null,"customfield_10027":null,"customfield_10028":null,"customfield_10029":null,"resolutiondate":null,"workratio":-1,"watches":{"self":"https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-3176/watchers","watchCount":1,"isWatching":true},"created":"2025-11-04T19:02:46.206+0100","customfield_10020":null,"customfield_10021":null,"customfield_10022":null,"customfield_10023":null,"customfield_10016":null,"customfield_10017":null,"customfield_10019":"0|i013t3:","updated":"2025-11-04T19:02:46.305+0100","customfield_10090":null,"timeoriginalestimate":null,"description":"\n\n\n\n\n\n\n\nA group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. 
- Group\n*Group*: [Findings in: pg:5.1.0|http://localhost:8080/finding_group/2] + Group\n*Group*: [Findings in: pg:5.1.0|http://localhost:8080/finding_group/38] in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] - / [NPM Audit Scan|http://localhost:8080/test/95]\n\nh2. Summary\n*Severity:* - High *Due Date:* Aug. 24, 2025 \n\nFindings matching the Active, Verified + / [NPM Audit Scan|http://localhost:8080/test/92]\n\nh2. Summary\n*Severity:* + High *Due Date:* Dec. 4, 2025 \n\nFindings matching the Active, Verified and Severity criteria:\n|| Severity || CVE || CWE || Component || Version || Title || Status ||\n|High|[CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]|[94|https://cwe.mitre.org/data/definitions/94.html]|pg|5.1.0|[Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 - < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/248]|Active, + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]|Active, Verified|\n|Medium|[CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]|[94|https://cwe.mitre.org/data/definitions/94.html]|pg|5.1.0|[2222Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 - < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/250]|Active, + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/238]|Active, Verified|\n|Medium|[CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]|[400|https://cwe.mitre.org/data/definitions/400.html]|pg|0.5.3|[Jira - Api Test 3|http://localhost:8080/finding/253]|Active, Verified|\n\nFindings + Api Test 3|http://localhost:8080/finding/241]|Active, Verified|\n\nFindings *not* matching the Active, Verified and Severity criteria:\n|| Severity || 
CVE || CWE || Component || Version || Title || Status ||\n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 - < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/248]\n*Defect - Dojo link:* http://localhost:8080/finding/248 (248)\n*Severity:* High\n *Due - Date:* Aug. 24, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]\n*Defect + Dojo link:* http://localhost:8080/finding/236 (236)\n*Severity:* High\n *Due + Date:* Dec. 4, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected versions of `pg` contain a remote code execution vulnerability that occurs @@ -8866,9 +9664,9 @@ interactions: - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < - 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/250]\n*Defect - Dojo link:* http://localhost:8080/finding/250 (250)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/238]\n*Defect + Dojo link:* http://localhost:8080/finding/238 (238)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected versions of `pg` contain a remote code execution vulnerability that occurs 
@@ -8894,9 +9692,9 @@ interactions: to version 6.4.2 or later. ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n\n\n\n*Reporter:* - [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 3|http://localhost:8080/finding/253]\n*Defect - Dojo link:* http://localhost:8080/finding/253 (253)\n*Severity:* Medium\n - *Due Date:* Oct. 23, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Jira Api Test 3|http://localhost:8080/finding/241]\n*Defect + Dojo link:* http://localhost:8080/finding/241 (241)\n*Severity:* Medium\n + *Due Date:* Feb. 2, 2026 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected versions of `negotiator` are vulnerable to regular expression denial of service 
@@ -8906,12 +9704,12 @@ interactions: CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n\n\n\n*Reporter:* [(admin) ()|mailto:]\n","customfield_10010":null,"customfield_10014":null,"timetracking":{},"customfield_10015":null,"customfield_10005":null,"customfield_10006":null,"customfield_10007":null,"security":null,"customfield_10008":null,"attachment":[],"customfield_10009":null,"summary":"Findings - in: pg:5.1.0","customfield_10001":null,"customfield_10002":[],"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/21270/comment","maxResults":0,"total":0,"startAt":0}}}' + in: pg:5.1.0","customfield_10001":null,"customfield_10002":[],"customfield_10123":null,"customfield_10003":null,"customfield_10004":null,"environment":null,"duedate":null,"comment":{"comments":[],"self":"https://defectdojo.atlassian.net/rest/api/2/issue/23617/comment","maxResults":0,"total":0,"startAt":0}}}' headers: Atl-Request-Id: - - 1cb429ad-102a-4cbe-bdd8-bd79665f5db7 + - 4ea7d719-18a3-40c3-b698-4abff25d6fb3 Atl-Traceid: - - 1cb429ad102a4cbebdd8bd79665f5db7 + - 4ea7d71918a340c3b6984abff25d6fb3 Cache-Control: - no-cache, no-store, no-transform Connection: @@ -8921,7 +9719,7 @@ interactions: Content-Type: - application/json;charset=UTF-8 Date: - - Fri, 25 Jul 2025 19:04:57 GMT + - Tue, 04 Nov 2025 18:02:47 GMT Nel: - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}' 
@@ -8931,7 +9729,7 @@ interactions: Server: - AtlassianEdge Server-Timing: - - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=440,atl-edge;dur=439,atl-edge-internal;dur=14,atl-edge-upstream;dur=424,atl-edge-pop;desc="aws-ap-southeast-2",cdn-cache-miss,cdn-pop;desc="SYD3-P1",cdn-rid;desc="mlCHpIoisIq-pHtHMNUGGlGlxjoX5_JVoaW_yC84De6Y7z71xz5uWw==",cdn-downstream-fbl;dur=444 + - cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=275,atl-edge;dur=251,atl-edge-internal;dur=20,atl-edge-upstream;dur=231,atl-edge-pop;desc="aws-us-west-2",cdn-cache-miss,cdn-pop;desc="DEN53-P3",cdn-rid;desc="1OLwfyJy1uXCc91W2rGv1pQEnhKb-7nX5SWZFbgm25TbkrgQfBXTOA==",cdn-downstream-fbl;dur=280 Strict-Transport-Security: - max-age=63072000; includeSubDomains; preload Timing-Allow-Origin: @@ -8941,15 +9739,19 @@ interactions: Vary: - Accept-Encoding Via: - - 1.1 eeaafdd5e22d1448912c6cf3e1e5bd58.cloudfront.net (CloudFront) + - 1.1 99c24ff7a4f9141fb603a870f066e056.cloudfront.net (CloudFront) X-Aaccountid: - - 712020%3A292a8b4c-ebd5-44be-bb94-d07c56a14dc5 + - 5d3878b170e3c90c952f91f6 X-Amz-Cf-Id: - - mlCHpIoisIq-pHtHMNUGGlGlxjoX5_JVoaW_yC84De6Y7z71xz5uWw== + - 1OLwfyJy1uXCc91W2rGv1pQEnhKb-7nX5SWZFbgm25TbkrgQfBXTOA== X-Amz-Cf-Pop: - - SYD3-P1 + - DEN53-P3 X-Arequestid: - - ee7285228e40f42310c9e8eccc76538d + - dab854a944dc31573ad115bb07e6660f + X-Beta-Ratelimit-Limit: + - '400' + X-Beta-Ratelimit-Remaining: + - '398' X-Cache: - Miss from cloudfront X-Content-Type-Options:
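Review bot: The re-recorded `X-Aaccountid` response header in the `@@ -8941,15 +9739,19 @@` hunk now stores a raw Atlassian account ID, `5d3878b170e3c90c952f91f6`, which is the same value as the reporter `accountId` in the recorded body, next to that user's `emailAddress`. Per-user identifiers and per-request tracing headers (`Atl-Request-Id`, `Atl-Traceid`, `X-Amz-Cf-Id`, `X-Arequestid`) are not needed to replay the interaction, and they change on every re-record, which is most of what this diff consists of. Scrubbing them at record time would keep personal identifiers out of the repository and make later re-records far smaller; the recorded value would then read `- REDACTED`. If these fixtures are recorded with vcrpy, a `before_record_response` hook is the place to do it, since `filter_headers` only covers request headers.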