mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-07-05 03:31:54 +00:00
2c5d47a8cd
Co-authored-by: Hugo P.Brito <hugopbrito@Mac.home>
92 lines
3.3 KiB
Python
92 lines
3.3 KiB
Python
from prowler.lib.utils.vulnerability_references import (
|
|
build_finding_reference_url,
|
|
resolve_vulnerability_reference_urls,
|
|
)
|
|
|
|
|
|
class TestBuildFindingReferenceUrl:
|
|
def test_cve_id_returns_cve_org_url(self):
|
|
assert (
|
|
build_finding_reference_url("CVE-2023-1234")
|
|
== "https://www.cve.org/CVERecord?id=CVE-2023-1234"
|
|
)
|
|
|
|
def test_lowercase_cve_id_is_normalized(self):
|
|
assert (
|
|
build_finding_reference_url("cve-2024-9999")
|
|
== "https://www.cve.org/CVERecord?id=CVE-2024-9999"
|
|
)
|
|
|
|
def test_ghsa_id_returns_github_advisory_url(self):
|
|
assert (
|
|
build_finding_reference_url("GHSA-abcd-1234-efgh")
|
|
== "https://github.com/advisories/GHSA-ABCD-1234-EFGH"
|
|
)
|
|
|
|
def test_avd_prefixed_id_strips_prefix_for_hub(self):
|
|
assert (
|
|
build_finding_reference_url("AVD-AWS-0001")
|
|
== "https://hub.prowler.com/check/AWS-0001"
|
|
)
|
|
|
|
def test_clean_trivy_id_uses_hub_directly(self):
|
|
assert (
|
|
build_finding_reference_url("AWS-0104")
|
|
== "https://hub.prowler.com/check/AWS-0104"
|
|
)
|
|
|
|
def test_kubernetes_id_uses_hub(self):
|
|
assert (
|
|
build_finding_reference_url("AVD-K8S-0001")
|
|
== "https://hub.prowler.com/check/K8S-0001"
|
|
)
|
|
|
|
def test_dockerfile_id_uses_hub(self):
|
|
assert (
|
|
build_finding_reference_url("AVD-DOCKER-0001")
|
|
== "https://hub.prowler.com/check/DOCKER-0001"
|
|
)
|
|
|
|
def test_whitespace_is_trimmed(self):
|
|
assert (
|
|
build_finding_reference_url(" AZU-0013 ")
|
|
== "https://hub.prowler.com/check/AZU-0013"
|
|
)
|
|
|
|
|
|
class TestResolveVulnerabilityReferenceUrls:
|
|
def test_cve_with_cve_org_reference_uses_it(self):
|
|
recommendation_url, additional_urls = resolve_vulnerability_reference_urls(
|
|
vulnerability_id="CVE-2023-1234",
|
|
references=[
|
|
"https://avd.aquasec.com/nvd/cve-2023-1234",
|
|
"https://www.cve.org/CVERecord?id=CVE-2023-1234",
|
|
"https://nvd.nist.gov/vuln/detail/CVE-2023-1234",
|
|
],
|
|
primary_url="https://avd.aquasec.com/nvd/cve-2023-1234",
|
|
)
|
|
|
|
assert recommendation_url == "https://www.cve.org/CVERecord?id=CVE-2023-1234"
|
|
assert additional_urls == ["https://www.cve.org/CVERecord?id=CVE-2023-1234"]
|
|
|
|
def test_cve_without_cve_org_reference_builds_url(self):
|
|
recommendation_url, additional_urls = resolve_vulnerability_reference_urls(
|
|
vulnerability_id="CVE-2023-5678",
|
|
references=["https://nvd.nist.gov/vuln/detail/CVE-2023-5678"],
|
|
)
|
|
|
|
assert recommendation_url == "https://www.cve.org/CVERecord?id=CVE-2023-5678"
|
|
assert additional_urls == ["https://www.cve.org/CVERecord?id=CVE-2023-5678"]
|
|
|
|
def test_non_cve_id_returns_filtered_references(self):
|
|
recommendation_url, additional_urls = resolve_vulnerability_reference_urls(
|
|
vulnerability_id="GHSA-abcd-1234-efgh",
|
|
references=[
|
|
"https://avd.aquasec.com/nvd/ghsa-abcd-1234-efgh",
|
|
"https://github.com/advisories/GHSA-abcd-1234-efgh",
|
|
],
|
|
)
|
|
|
|
assert recommendation_url == ""
|
|
assert additional_urls == ["https://github.com/advisories/GHSA-abcd-1234-efgh"]
|