Skip to content

Commit a6cac72

Browse files
MaineK00nclaude
andcommitted
test(detector): add JVN/VulnCheck detection and enrichment unit tests
Cover the two CPE sources migrated to vuls2 whose source-specific logic the NVD-based cases did not exercise. Test_postConvert (inline DetectResult): - VulnCheck exact CPE accept -> VulncheckExactVersionMatch + models.Vulncheck content with the console.vulncheck.com SourceLink. - JVN exact CPE accept -> demoted to JvnVendorProductMatch, sparse models.Jvn content (SourceLink ""), and the JVNDB DistroAdvisory. Test_enrich (testdata/fixtures/enrich/{vulncheck-nist-nvd2,jvn-feed-rss}): - enrichVulnCheck fills models.Vulncheck content (CVSS/CWE/refs/SourceLink). - enrichJVN rebuilds the rich Jvn content from the advisory, folds the sparse detection content's references forward (carriedRefs), and emits the JP-CERT alert from a jpcert.or.jp/at/ reference. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
1 parent 1b89ebd commit a6cac72

5 files changed

Lines changed: 523 additions & 0 deletions

File tree

Lines changed: 76 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,76 @@
1+
{
2+
"id": "JVNDB-2024-000123",
3+
"advisories": [
4+
{
5+
"content": {
6+
"id": "JVNDB-2024-000123",
7+
"title": "Fortinet FortiOS におけるバッファエラーの脆弱性",
8+
"description": "Fortinet が提供する FortiOS には、バッファエラー (CWE-787) の脆弱性が存在します。",
9+
"severity": [
10+
{
11+
"type": "cvss_v31",
12+
"source": "jvndb.jvn.jp",
13+
"cvss_v31": {
14+
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
15+
"base_score": 9.8,
16+
"base_severity": "CRITICAL"
17+
}
18+
}
19+
],
20+
"cwe": [
21+
{
22+
"source": "jvndb.jvn.jp",
23+
"cwe": [
24+
"CWE-787"
25+
]
26+
}
27+
],
28+
"references": [
29+
{
30+
"source": "jvndb.jvn.jp",
31+
"url": "https://www.jpcert.or.jp/at/2024/at240008.html"
32+
},
33+
{
34+
"source": "jvndb.jvn.jp",
35+
"url": "https://jvn.jp/vu/JVNVU90001234/index.html"
36+
}
37+
],
38+
"published": "2024-02-09T00:00:00Z",
39+
"modified": "2024-02-15T00:00:00Z"
40+
},
41+
"segments": [
42+
{
43+
"ecosystem": "cpe"
44+
}
45+
]
46+
}
47+
],
48+
"vulnerabilities": [
49+
{
50+
"content": {
51+
"id": "CVE-2024-21762",
52+
"references": [
53+
{
54+
"source": "jvndb.jvn.jp",
55+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21762"
56+
},
57+
{
58+
"source": "jvndb.jvn.jp",
59+
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21762"
60+
}
61+
]
62+
},
63+
"segments": [
64+
{
65+
"ecosystem": "cpe"
66+
}
67+
]
68+
}
69+
],
70+
"data_source": {
71+
"id": "jvn-feed-rss",
72+
"raws": [
73+
"fixtures/2024/JVNDB-2024-000123.json"
74+
]
75+
}
76+
}
Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
{
2+
"id": "jvn-feed-rss",
3+
"name": "Japan Vulnerability Notes (JVN) Feed RSS"
4+
}
Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
{
2+
"id": "CVE-2024-3400",
3+
"vulnerabilities": [
4+
{
5+
"content": {
6+
"id": "CVE-2024-3400",
7+
"description": "A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.",
8+
"severity": [
9+
{
10+
"type": "cvss_v31",
11+
"source": "nvd@nist.gov",
12+
"cvss_v31": {
13+
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
14+
"base_score": 10.0,
15+
"base_severity": "CRITICAL"
16+
}
17+
}
18+
],
19+
"cwe": [
20+
{
21+
"source": "nvd@nist.gov",
22+
"cwe": [
23+
"CWE-77"
24+
]
25+
}
26+
],
27+
"references": [
28+
{
29+
"source": "nvd@nist.gov",
30+
"url": "https://security.paloaltonetworks.com/CVE-2024-3400"
31+
},
32+
{
33+
"source": "nvd@nist.gov",
34+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3400"
35+
}
36+
],
37+
"published": "2024-04-12T00:00:00Z",
38+
"modified": "2024-04-19T00:00:00Z"
39+
},
40+
"segments": [
41+
{
42+
"ecosystem": "cpe"
43+
}
44+
]
45+
}
46+
],
47+
"data_source": {
48+
"id": "vulncheck-nist-nvd2",
49+
"raws": [
50+
"vuls-data-raw-vulncheck-nist-nvd2/2024/CVE-2024-3400.json"
51+
]
52+
}
53+
}
Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
{
2+
"id": "vulncheck-nist-nvd2",
3+
"name": "VulnCheck NIST NVD2",
4+
"raw": [
5+
{
6+
"url": "ghcr.io/vulsio/vuls-data-db:vuls-data-raw-vulncheck-nist-nvd2",
7+
"commit": "0000000000000000000000000000000000000000",
8+
"date": "2025-01-01T00:00:00Z"
9+
}
10+
]
11+
}

0 commit comments

Comments
 (0)