Closed MaineK00n closed 4 months ago
Tested OK with:
This also answers my question in comment https://github.com/vulsio/go-cve-dictionary/pull/392#issuecomment-2203085132
Cannot see a difference regarding "affected" of course, no change in the code about this.
Minor: you probably forgot something in the "after" above, same as "before".
before/after diff
--- before.txt 2024-07-05 09:39:58.294334024 +0900
+++ after.txt 2024-07-05 09:40:17.166817550 +0900
@@ -7,8 +7,8 @@
"Fortinets": [],
"Mitres": [
{
- "DataType": "",
- "DataVersion": "",
+ "DataType": "CVE_RECORD",
+ "DataVersion": "5.1",
"CVEMetadata": {
"CVEID": "CVE-2024-5732",
"AssignerOrgID": "1af790b2-7ee1-4545-860a-a788eba489b5",
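Review bot: the description should say whether an already-fetched database needs a re-fetch before `DataType` and `DataVersion` stop being empty strings, since the "before" side of this hunk shows both as "". It is also worth noting for consumers that `DataVersion` is emitted as the string "5.1", so it should be compared as a string or parsed explicitly, not treated as a number.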
@@ -42,6 +42,43 @@
"SupportingMedia": []
}
],
+ "Affected": [
+ {
+ "Vendor": "n/a",
+ "Product": "Clash",
+ "CollectionURL": null,
+ "PackageName": null,
+ "Cpes": [],
+ "Modules": [
+ {
+ "Module": "Proxy Port"
+ }
+ ],
+ "ProgramFiles": [],
+ "ProgramRoutines": [],
+ "Platforms": [],
+ "Repo": null,
+ "DefaultStatus": null,
+ "Versions": [
+ {
+ "Status": "affected",
+ "VersionType": null,
+ "Version": "0.20.0",
+ "LessThan": null,
+ "LessThanOrEqual": null,
+ "Changes": []
+ },
+ {
+ "Status": "affected",
+ "VersionType": null,
+ "Version": "0.20.1",
+ "LessThan": null,
+ "LessThanOrEqual": null,
+ "Changes": []
+ }
+ ]
+ }
+ ],
"ProblemTypes": [
{
"Descriptions": [
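Review bot: in the added `"Affected"` entry, absent scalars are emitted as `null` (`"DefaultStatus": null`, `"VersionType": null`, `"LessThan": null`) while absent lists are emitted as `[]`, and nothing documents that difference. Consumers have to null-check the scalars, and a null `DefaultStatus` should be read as "unknown" (the CVE record format's default when the field is omitted), not as unaffected. `"Vendor": "n/a"` is also passed through as a literal, so matching on vendor cannot rely on this field.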
@@ -218,6 +255,7 @@
},
"Title": "CISA ADP Vulnrichment",
"Descriptions": [],
+ "Affected": [],
"ProblemTypes": [],
"Impacts": [],
"Metrics": [
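Review bot: the only ADP case this before/after exercises is the empty one (`"Affected": []` in the "CISA ADP Vulnrichment" container). A sample or test with a record whose ADP container carries affected entries would confirm that path is filled as well.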
I can confirm I see the MITRE details for "affected" with the precise sha1 and the list of involved source code files as "ProgramFiles", for example on CVE-2024-36971. I must have missed a pull request or something.
@MaineK00n this is a fantastic change for me! I do embedded systems, and build everything from sources. Thus I have a compilation database generated with bear, and the full git history. These 2 types of data allow me to filter the 95% of false positive CVEs on my kernels. Previously I would resort to some heuristics and could only reach max 75% automatic filtering. But with these changes, go-cve-dictionary gives me the potential to go up to 95% with pure automation. This changes everything for me. Thank you so much to you and your colleagues! :star_struck: :fireworks: :champagne: :partying_face:
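The kind of filtering described in the comment above, as an added example (not code from go-cve-dictionary or from the commenter): it matches an entry's "ProgramFiles" against the set of source files a build actually compiled. The `{"ProgramFile": ...}` element shape, the sample record and the file paths are assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Affected keeps only the fields used here. The {"ProgramFile": ...} element
// shape is an assumption, modelled on the {"Module": ...} entries in the diff.
type Affected struct {
	Product      string
	ProgramFiles []struct{ ProgramFile string }
}

// Constructed sample in the shape of the "after" output; not a real record.
const sample = `[{"Vendor": "n/a", "Product": "ExampleKernel", "DefaultStatus": null, "ProgramFiles":
  [{"ProgramFile": "./net/example/a.c"}, {"ProgramFile": "drivers/example/b.c"}], "Versions": []}]`

// Parse decodes the JSON array stored under "Affected".
func Parse(raw string) (out []Affected, err error) {
	err = json.Unmarshal([]byte(raw), &out)
	return
}

// Relevant reports whether an entry can apply to this build and which compiled
// files it names. With no ProgramFiles it cannot be ruled out, so it stays relevant.
func Relevant(a Affected, compiled map[string]bool) (bool, []string) {
	if len(a.ProgramFiles) == 0 {
		return true, nil
	}
	var hit []string
	for _, pf := range a.ProgramFiles {
		if p := strings.TrimPrefix(pf.ProgramFile, "./"); compiled[p] {
			hit = append(hit, p)
		}
	}
	return len(hit) > 0, hit
}

func main() {
	entries, err := Parse(sample)
	if err != nil {
		panic(err)
	}
	for _, a := range entries { // compiled set is a constructed stand-in
		fmt.Println(Relevant(a, map[string]bool{"net/example/a.c": true}))
	}
}
```

In practice the compiled set would be built from the "file" values of the compile_commands.json that bear writes, normalised to paths relative to the source root.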
If this Pull Request is work in progress, add a prefix of “[WIP]” in the title.
What did you implement:
fill DataType, DataVersion, affected
Type of change
How Has This Been Tested?
before
after
Checklist:
You don't have to satisfy all of the following.
make fmt
make test
Is this ready for review?: YES
Reference