search

CiscoPSIRT / openVulnAPI

Documentation and Tools for Cisco's PSIRT openVuln API
https://developer.cisco.com/psirt/
MIT License
102 stars 52 forks source link

Check for values in adv_data before accessing #75

Closed abunn-r7 closed 4 years ago

abunn-r7 commented 4 years ago

The following advisories cause the tool to crash without this null check:

firstFixed not found in adv_data for cisco-sa-20190828-fxnxos-snmp-dos
firstFixed not found in adv_data for cisco-sa-20190828-nxos-api-dos
firstFixed not found in adv_data for cisco-sa-20190828-nxos-fsip-dos
firstFixed not found in adv_data for cisco-sa-20190828-nxos-memleak-dos
firstFixed not found in adv_data for cisco-sa-20190828-nxos-ntp-dos
firstFixed not found in adv_data for cisco-sa-20190925-nxos-vman-cmd-inj
firstFixed not found in adv_data for cisco-sa-20190925-vman
firstFixed not found in adv_data for cisco-sa-20200205-fxnxos-iosxr-cdp-dos
firstFixed not found in adv_data for cisco-sa-20200226-fxos-nxos-cdp

Tested using: openVulnQuery --config cisco-api.json --nxos="7.3(1)N1(1)"

santosomar commented 4 years ago

Thank you very much for your contribution!