Skip to content

Commit b4f1273

Browse files
jkowalleckjkowalleck
committed
wip
Signed-off-by: Jan Kowalleck <[email protected]>
1 parent 786f09f commit b4f1273

File tree

2 files changed

+52
-17
lines changed

2 files changed

+52
-17
lines changed

cyclonedx/model/vulnerability.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -636,7 +636,7 @@ def get_localised_vector(self, vector: str) -> str:
636636
if self is VulnerabilityScoreSource.CVSS_V4 and vector.startswith('CVSS:4.'):
637637
return re.sub(r'^CVSS:3\.\d/?', '', vector)
638638
if (self is VulnerabilityScoreSource.CVSS_V3_1 or self is VulnerabilityScoreSource.CVSS_V3) \
639-
and vector.startswith('CVSS:3.'):
639+
and vector.startswith('CVSS:3.'):
640640
return re.sub(r'^CVSS:3\.\d/?', '', vector)
641641
if self is VulnerabilityScoreSource.CVSS_V2 and vector.startswith('CVSS:2.'):
642642
return re.sub(r'^CVSS:2\.\d/?', '', vector)

tests/test_model_vulnerability.py

Lines changed: 51 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,7 @@ def test_v_severity_from_cvss_scores_multiple_high(self) -> None:
8585
VulnerabilitySeverity.HIGH
8686
)
8787

88+
8889
class TestModelVulnerabilityScoreSource(TestCase):
8990

9091
def test_v_source_parse_other(self) -> None:
@@ -95,97 +96,131 @@ def test_v_source_parse_other(self) -> None:
9596

9697
def test_v_source_parse_cvss4_0(self) -> None:
9798
self.assertEqual(
98-
VulnerabilityScoreSource.get_from_vector('CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U'),
99+
VulnerabilityScoreSource.get_from_vector(
100+
'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U'),
99101
VulnerabilityScoreSource.CVSS_V4
100102
)
101103

102104
def test_v_source_parse_cvss3_1(self) -> None:
103105
self.assertEqual(
104-
VulnerabilityScoreSource.get_from_vector('CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'),
106+
VulnerabilityScoreSource.get_from_vector(
107+
'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'),
105108
VulnerabilityScoreSource.CVSS_V3_1
106109
)
107110

108111
def test_v_source_parse_cvss3_0(self) -> None:
109112
self.assertEqual(
110-
VulnerabilityScoreSource.get_from_vector('CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
113+
VulnerabilityScoreSource.get_from_vector(
114+
'CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
111115
VulnerabilityScoreSource.CVSS_V3
112116
)
113117

114118
def test_v_source_parse_cvss2_0(self) -> None:
115119
self.assertEqual(
116-
VulnerabilityScoreSource.get_from_vector('CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C'),
120+
VulnerabilityScoreSource.get_from_vector(
121+
'CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C'),
117122
VulnerabilityScoreSource.CVSS_V2
118123
)
119124

120125
def test_v_source_parse_owasp_1(self) -> None:
121126
self.assertEqual(
122-
VulnerabilityScoreSource.get_from_vector('OWASP/K9:M1:O0:Z2/D1:X1:W1:L3/C2:I1:A1:T1/F1:R1:S2:P3/50'),
127+
VulnerabilityScoreSource.get_from_vector(
128+
'OWASP/K9:M1:O0:Z2/D1:X1:W1:L3/C2:I1:A1:T1/F1:R1:S2:P3/50'),
123129
VulnerabilityScoreSource.OWASP
124130
)
125131

132+
def test_v_source_get_localised_vector_cvss3_1_slash(self) -> None:
133+
self.assertEqual(
134+
VulnerabilityScoreSource.CVSS_V3.get_localised_vector(
135+
'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'),
136+
'AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'
137+
)
138+
139+
def test_v_source_get_localised_vector_cvss3_1_noslash(self) -> None:
140+
self.assertEqual(
141+
VulnerabilityScoreSource.CVSS_V3_1.get_localised_vector(
142+
'CVSS:3.0AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
143+
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
144+
)
145+
146+
def test_v_source_get_localised_vector_cvss3_1_none(self) -> None:
147+
self.assertEqual(
148+
VulnerabilityScoreSource.CVSS_V3_1.get_localised_vector(
149+
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
150+
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
151+
)
152+
126153
def test_v_source_get_localised_vector_cvss3_slash(self) -> None:
127154
self.assertEqual(
128155
VulnerabilityScoreSource.CVSS_V3.get_localised_vector(
129-
vector='CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
130-
),
156+
'CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
131157
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
132158
)
133159

134160
def test_v_source_get_localised_vector_cvss3_noslash(self) -> None:
135161
self.assertEqual(
136-
VulnerabilityScoreSource.CVSS_V3.get_localised_vector(vector='CVSS:3.0AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
162+
VulnerabilityScoreSource.CVSS_V3.get_localised_vector(
163+
'CVSS:3.0AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
137164
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
138165
)
139166

140167
def test_v_source_get_localised_vector_cvss3_none(self) -> None:
141168
self.assertEqual(
142-
VulnerabilityScoreSource.CVSS_V3.get_localised_vector(vector='AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
169+
VulnerabilityScoreSource.CVSS_V3.get_localised_vector(
170+
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
143171
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
144172
)
145173

146174
def test_v_source_get_localised_vector_cvss2_slash(self) -> None:
147175
self.assertEqual(
148176
VulnerabilityScoreSource.CVSS_V2.get_localised_vector(
149-
vector='CVSS:2.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
177+
'CVSS:2.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
150178
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
151179
)
152180

153181
def test_v_source_get_localised_vector_cvss2_noslash(self) -> None:
154182
self.assertEqual(
155-
VulnerabilityScoreSource.CVSS_V2.get_localised_vector(vector='CVSS:2.1AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
183+
VulnerabilityScoreSource.CVSS_V2.get_localised_vector(
184+
'CVSS:2.0AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
156185
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
157186
)
158187

159188
def test_v_source_get_localised_vector_cvss2_none(self) -> None:
160189
self.assertEqual(
161-
VulnerabilityScoreSource.CVSS_V2.get_localised_vector(vector='AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
190+
VulnerabilityScoreSource.CVSS_V2.get_localised_vector(
191+
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
162192
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
163193
)
164194

165195
def test_v_source_get_localised_vector_owasp_slash(self) -> None:
166196
self.assertEqual(
167-
VulnerabilityScoreSource.OWASP.get_localised_vector(vector='OWASP/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
197+
VulnerabilityScoreSource.OWASP.get_localised_vector(
198+
'OWASP/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
168199
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
169200
)
170201

171202
def test_v_source_get_localised_vector_owasp_noslash(self) -> None:
172203
self.assertEqual(
173-
VulnerabilityScoreSource.OWASP.get_localised_vector(vector='OWASPAV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
204+
VulnerabilityScoreSource.OWASP.get_localised_vector(
205+
'OWASPAV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
174206
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
175207
)
176208

177209
def test_v_source_get_localised_vector_owasp_none(self) -> None:
178210
self.assertEqual(
179-
VulnerabilityScoreSource.OWASP.get_localised_vector(vector='AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
211+
VulnerabilityScoreSource.OWASP.get_localised_vector(
212+
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'),
180213
'AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N'
181214
)
182215

183216
def test_v_source_get_localised_vector_other(self) -> None:
184217
self.assertEqual(
185-
VulnerabilityScoreSource.OTHER.get_localised_vector(vector='SOMETHING_OR_OTHER'),
218+
VulnerabilityScoreSource.OTHER.get_localised_vector(
219+
'SOMETHING_OR_OTHER'),
186220
'SOMETHING_OR_OTHER'
187221
)
188222

223+
189224
class TestModelVulnerability(TestCase):
190225

191226
def test_empty_vulnerability(self) -> None:

0 commit comments

Comments
 (0)