CSAF
lib/CSAF/Validator/OptionalTests.pm view on Meta::CPAN
$self->add_message(
type => 'warning',
category => 'optional',
path => "/vulnerabilities/$vuln_idx/ids/$id_idx",
code => '6.2.17',
message => 'CVE in field IDs'
);
}
});
});
}
# 6.2.18 Product Version Range without vers
sub TEST_6_2_18 {

    # Entry point for optional test 6.2.18 (Product Version Range without
    # vers). Does nothing when the document has no product tree; otherwise
    # hands the top-level branches to the recursive walker together with the
    # JSON pointer of that branches array.
    my ($self) = @_;

    my $product_tree = $self->csaf->product_tree;
    return unless $product_tree;

    $self->_TEST_6_2_18_branches($product_tree->branches, '/product_tree/branches');

}
# 6.2.19 CVSS for Fixed Products
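sub TEST_6_2_19 {

    # Optional test 6.2.19 (CVSS for Fixed Products).
    #
    # For every score that lists at least one product whose status is
    # "fixed" or "first_fixed", emit a warning when the environmental metrics
    # named below are set neither as properties of the CVSS object nor in the
    # decoded vector string. One warning is added per affected CVSS object
    # (cvss_v2 first, then cvss_v3).
    my $self = shift;

    # Metrics looked for, per CVSS object of a score.
    my %required_metrics = (
        cvss_v2 => [qw(targetDistribution)],
        cvss_v3 => [qw(modifiedIntegrityImpact modifiedAvailabilityImpact modifiedConfidentialityImpact)],
    );

    $self->csaf->vulnerabilities->each(sub {

        my ($vulnerability, $vuln_idx) = @_;

        $vulnerability->scores->each(sub {

            my ($score, $score_idx) = @_;

            my $covers_fixed_product = 0;

        PRODUCT:
            foreach my $product_id (@{$score->products}) {

                my $status = $vulnerability->product_status;

                # Count matches with grep instead of testing the truth of the
                # matched element: a product ID such as "0" is a non-empty
                # string but false in Perl, so an element-returning search
                # would treat it as "not fixed" and the score would silently
                # skip this test.
                my $hits = grep { $product_id eq $_ } @{$status->fixed}, @{$status->first_fixed};

                next PRODUCT if !$hits;

                $covers_fixed_product = 1;
                last PRODUCT;

            }

            return if !$covers_fixed_product;

        VERSION:
            foreach my $version (qw(cvss_v2 cvss_v3)) {

                my $cvss = $score->$version or next VERSION;
                my @metrics = @{$required_metrics{$version}};

                # All metrics present as properties: nothing to report.
                next VERSION if !grep { !$cvss->$_() } @metrics;

                # Otherwise fall back to the vector string; the score passes
                # only if every metric is defined there.
                my $decoded = decode_cvss_vector_string($cvss->vectorString);
                next VERSION if !grep { !defined $decoded->{$_} } @metrics;

                $self->add_message(
                    type     => 'warning',
                    category => 'optional',
                    path     => "/vulnerabilities/$vuln_idx/scores/$score_idx/$version",
                    code     => '6.2.19',
                    message  => 'CVSS for Fixed Products'
                );

            }

        });

    });

}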
# 6.2.20 Additional Properties
sub TEST_6_2_20 {

    # 6.2.20 Additional Properties: no check is performed here. When DEBUG is
    # true, the validator's logger records that this test is implemented in
    # CSAF::Parser.
    my ($self) = @_;

    DEBUG and $self->log->info('6.2.20 Additional Properties => Test implemented in "CSAF::Parser"');

}
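sub _TEST_6_2_18_branches {

    # Recursive walker for optional test 6.2.18 (Product Version Range
    # without vers).
    #
    #   $branches - collection of branch objects (iterated with ->each)
    #   $path     - JSON pointer of that collection in the document
    #
    # Nested branches are visited before the branch itself. A warning is
    # added for every branch of category "product_version_range" whose name
    # does not match $VERS_REGEXP (pattern defined outside this block).
    my ($self, $branches, $path) = @_;

    $branches->each(sub {

        my ($branch, $branch_idx) = @_;

        # JSON pointer of this branch; the recursion and the reported name
        # share the same prefix so a warning points at the actual element.
        my $branch_path = "$path/$branch_idx";

        $self->_TEST_6_2_18_branches($branch->branches, "$branch_path/branches");

        return if $branch->category ne 'product_version_range';
        return if $branch->name =~ /$VERS_REGEXP/;

        # The index must be part of the pointer: "$path/name" does not address
        # any element of the branches array, so the finding could not be
        # traced back to the offending branch.
        $self->add_message(
            type     => 'warning',
            category => 'optional',
            path     => "$branch_path/name",
            code     => '6.2.18',
            message  => 'Product Version Range without vers'
        );

    });

}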
sub _TEST_weak_algo_product_identification_helper {