test: add missing advisory details for integration tests database (#7122

)
aquasecurity · Jul 9, 2024 · a64993e · a64993e
1 parent dc68a66
commit a64993e
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 5 deletions.
diff --git a/integration/testdata/conan.json.golden b/integration/testdata/conan.json.golden
@@ -171,7 +171,36 @@
           "FixedVersion": "8.45",
           "Status": "fixed",
           "Layer": {},
-          "Severity": "UNKNOWN"
+          "SeveritySource": "nvd",
+          "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2020-14155",
+          "Title": "pcre: Integer overflow when parsing callout numeric arguments",
+          "Description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
+          "Severity": "MEDIUM",
+          "CweIDs": [
+            "CWE-190"
+          ],
+          "VendorSeverity": {
+            "alma": 1,
+            "nvd": 2
+          },
+          "CVSS": {
+            "nvd": {
+              "V2Vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
+              "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+              "V2Score": 5,
+              "V3Score": 5.3
+            },
+            "redhat": {
+              "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+              "V3Score": 5.3
+            }
+          },
+          "References": [
+            "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155",
+            "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
+          ],
+          "PublishedDate": "2020-06-15T17:15:00Z",
+          "LastModifiedDate": "2022-04-28T15:06:00Z"
         }
       ]
     }

diff --git a/integration/testdata/fixtures/db/vulnerability.yaml b/integration/testdata/fixtures/db/vulnerability.yaml
@@ -1364,7 +1364,7 @@
           V3Vector: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
           V3Score: 8.1
       References:
-        - "https://github.com/advisories/GHSA-36p3-wjmg-h94x",
+        - "https://github.com/advisories/GHSA-36p3-wjmg-h94x"
       PublishedDate: "2022-04-01T23:15:00Z"
       LastModifiedDate: "2022-05-19T14:21:00Z"
   - key: CVE-2020-14155
@@ -1387,7 +1387,7 @@
           V3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
           V3Score: 5.3
       References:
-        - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155",
+        - "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155"
         - "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
       PublishedDate: "2020-06-15T17:15:00Z"
       LastModifiedDate: "2022-04-28T15:06:00Z"
diff --git a/integration/testdata/spring4shell-jre11.json.golden b/integration/testdata/spring4shell-jre11.json.golden
@@ -245,7 +245,9 @@
           },
           "References": [
             "https://github.com/advisories/GHSA-36p3-wjmg-h94x"
-          ]
+          ],
+          "PublishedDate": "2022-04-01T23:15:00Z",
+          "LastModifiedDate": "2022-05-19T14:21:00Z"
         }
       ]
     },

diff --git a/integration/testdata/spring4shell-jre8.json.golden b/integration/testdata/spring4shell-jre8.json.golden
@@ -245,7 +245,9 @@
           },
           "References": [
             "https://github.com/advisories/GHSA-36p3-wjmg-h94x"
-          ]
+          ],
+          "PublishedDate": "2022-04-01T23:15:00Z",
+          "LastModifiedDate": "2022-05-19T14:21:00Z"
         }
       ]
     },