Delta.json and deltaLog.json metadata files to support 3rd party integrations #12

Merged
merged 9 commits into from
Sep 13, 2023
4 changes: 4 additions & 0 deletions .env-EXAMPLE
Expand Up @@ -6,6 +6,7 @@
CVES_BASE_DIRECTORY=cves
CVES_RECENT_ACTIVITIES_FILENAME=recent_activities.json
CVES_DEFAULT_UPDATE_LOOKBACK_IN_MINS=180
CVES_DEFAULT_DELTA_LOG_HISTORY_IN_DAYS

# ----- ----- for testing only ----- ----- -----
CVES_TEST_BASE_DIRECTORY=test/pretend_github_repository
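Review bot: `CVES_DEFAULT_DELTA_LOG_HISTORY_IN_DAYS` is added with no `=` and no value, unlike its neighbour `CVES_DEFAULT_UPDATE_LOOKBACK_IN_MINS=180`. A line without `=` is not an assignment, so someone copying this file to `.env` may end up with the variable undefined at runtime, and the example gives no hint of the expected default. Suggest an explicit example value (for instance `CVES_DEFAULT_DELTA_LOG_HISTORY_IN_DAYS=<days>`) plus a one-line comment on what the history window controls.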
Expand All @@ -15,8 +16,11 @@ CVES_TEST_BASE_DIRECTORY=test/pretend_github_repository
### cve services api ###########################
################################################

# ----- production environment ----- ----- -----
# CVE Services API-specific ----- -----
CVE_SERVICES_URL=<sourceServerUrl>
CVE_SERVICES_RECORDS_PER_PAGE=500
CVE_ORG_URL=https://www.cve.org

# SECRET: user/role specific: DO NOT COMMIT ----- -----
CVE_API_ORG=<yourOrg>
9 changes: 6 additions & 3 deletions .gitignore
Expand Up @@ -14,6 +14,7 @@ coverage
# Transpiled files
build/
dist/
dist.*/
release/

# VS Code
Expand All @@ -32,9 +33,9 @@ release/
# Misc
.DS_Store
devel/
test/pretend_github_repository*/log
# test/pretend_github_repository*/log
*.old
test/pretend_github_repository*/20*
# test/pretend_github_repository*/20*
*\ copy
*\ copy.*
*.old/
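Review bot: the two ignore rules for `test/pretend_github_repository*/log` and `test/pretend_github_repository*/20*` are commented out rather than deleted, which leaves dead lines in `.gitignore` and makes the intent unclear. With these rules disabled, log output and generated year directories under the test repository become trackable, so anything a test run writes there can be committed by accident. If tracking them is intended, delete the lines and say so in the commit message; otherwise keep the rules and add `!` exceptions only for the specific fixture files that need to be checked in.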
Expand All @@ -47,4 +48,6 @@ Notes.md

# CVEs
preview_cves/
cves/
cves/2*
deltas/
cves/deltaLog.json
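Review bot: replacing `cves/` with `cves/2*` means only entries starting with `2` stay ignored, so `cves/1999/...` is now tracked, and this PR does add files under `cves/1999/0xxx/`. If that is deliberate it needs a comment here, because the pattern reads like a year filter but silently excludes the 1999 records. Also, `cves/deltaLog.json` is ignored but there is no matching entry for a `delta.json`; if that file is generated in the same directory it will show up as untracked on every run.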
12 changes: 9 additions & 3 deletions .vscode/settings.json
@@ -1,7 +1,13 @@
{
"editor.formatOnSave": true,
"typescript.format.semicolons": "insert",
"prettier.singleQuote": true,
"editor.formatOnSaveMode": "modifications",
"javascript.preferences.quoteStyle": "single",
"typescript.preferences.quoteStyle": "single"
"prettier.singleQuote": true,
"typescript.format.semicolons": "insert",
"typescript.preferences.quoteStyle": "single",
"workbench.colorCustomizations": {
"activityBar.background": "#0f1193",
"activityBar.foreground": "#ffffff",
},
"workbench.editor.wrapTabs": true,
}
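Review bot: the new `workbench.colorCustomizations` block and the final `"workbench.editor.wrapTabs": true,` both end with a trailing comma before `}`. VS Code tolerates this, but any tool that reads the file as strict JSON will fail to parse it, so drop the trailing commas. Separately, the activity bar colours and tab wrapping are personal editor preferences; they belong in user settings rather than in the workspace file shared with every contributor, leaving only the formatting rules here.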
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -8,7 +8,7 @@ This is a set of utilities for maintaining CVE records on GitHub. It is written

## Setup for Developing and Running CVE Utils on a Local or VM Development Machine

You will need to have NodeJS 16.x to develop and/or run this project on a local or VM machine. The easiest way to do this is to use [nvm](https://github.com/nvm-sh/nvm). Then
You will need to have NodeJS 18.16+ to develop and/or run this project on a local or VM machine. The easiest way to do this is to use [nvm](https://github.com/nvm-sh/nvm). Then

1. clone this repository
2. set up tokens/secrets/environment variables by making a `.env` file in the root directory.
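Review bot: the Node requirement moves from 16.x to 18.16+ in the README text only, and the paragraph tells readers to use nvm without saying which version to select. Since the setup steps already rely on nvm, consider checking in an `.nvmrc` and an `engines` entry in `package.json` (if they are not already part of this PR) so the minimum version is enforced by tooling instead of by documentation alone.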
134 changes: 134 additions & 0 deletions cves/1999/0xxx/CVE-1999-0001.json
@@ -0,0 +1,134 @@
{
"containers": {
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/errata23.html#tcpfix"
},
{
"name": "5707",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5707"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openbsd.org/errata23.html#tcpfix",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/errata23.html#tcpfix"
},
{
"name": "5707",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5707"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0001",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2005-12-17T00:00:00",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}
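Review bot: this record is added under `cves/1999/0xxx/`, which is the production data path (`CVES_BASE_DIRECTORY=cves` in `.env-EXAMPLE`), while test data has its own `CVES_TEST_BASE_DIRECTORY=test/pretend_github_repository`. If this file and `CVE-1999-0002.json` are fixtures for the delta feature, they would sit better under the test directory so that production output and test input are not mixed. If they are meant to live in `cves/`, the PR description should explain why two CVE records are checked into a utilities repository.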
150 changes: 150 additions & 0 deletions cves/1999/0xxx/CVE-1999-0002.json
@@ -0,0 +1,150 @@
{
"containers": {
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "J-006",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/j-006.shtml"
},
{
"name": "19981006-01-I",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I"
},
{
"name": "121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/121"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "J-006",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/j-006.shtml"
},
{
"name": "19981006-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I"
},
{
"name": "121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/121"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0002",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2005-11-02T10:00:00",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}