Skip to content

Commit 6740c1b

Browse files
author
jon-stewart
committed
fix: vuln host info counts
1 parent dd25293 commit 6740c1b

File tree

2 files changed

+104
-36
lines changed

2 files changed

+104
-36
lines changed

api/v2_vulnerabilities.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -631,7 +631,7 @@ func (hosts *VulnerabilitiesHostResponse) VulnerabilityCounts() HostVulnCounts {
631631

632632
for _, h := range hosts.Data {
633633
// avoid counting duplicates
634-
if h.VulnID != "" && array.ContainsStr(cves, h.VulnID) {
634+
if h.VulnID == "" || array.ContainsStr(cves, h.VulnID) {
635635
continue
636636
}
637637
cves = append(cves, h.VulnID)

cli/cmd/vuln_host_test.go

Lines changed: 103 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -147,15 +147,28 @@ func TestBuildVulnHostReportsWithVulnerabilitiesPackagesViewAndNoFilters(t *test
147147
Instance ID i-mock
148148
AMI ami-mock
149149
150-
CVE COUNT SEVERITY PACKAGE CURRENT VERSION FIX VERSION PKG STATUS
151-
------------+----------+------------+------------------------------+------------------------------+-------------
152-
1 High linux-aws 1:2017.3.23-2ubuntu0.18.04.2
153-
2 Medium vim 1:2017.3.23-2ubuntu0.18.04.2
154-
1 Medium curl 1:2017.3.23-2ubuntu0.18.04.2 7.58.0-2ubuntu3.18
155-
1 Medium ntfs-3g 1:2017.3.23-2ubuntu0.18.04.2 1:2017.3.23-2ubuntu0.18.04.4
156-
1 Low bash 1:2017.3.23-2ubuntu0.18.04.2 4.4.18-2ubuntu1.3 ACTIVE
157-
1 Low open-iscsi 1:2017.3.23-2ubuntu0.18.04.2
158-
1 Low python3.6 1:2017.3.23-2ubuntu0.18.04.2 3.6.9-1~18.04ubuntu1.8
150+
CVE COUNT SEVERITY PACKAGE CURRENT VERSION FIX VERSION PKG STATUS
151+
------------+----------+----------------------------------+------------------------------+------------------------------+-------------
152+
1 High linux-aws 1:2017.3.23-2ubuntu0.18.04.2
153+
1 Medium ntfs-3g 1:2017.3.23-2ubuntu0.18.04.2 1:2017.3.23-2ubuntu0.18.04.4
154+
1 Medium curl 1:2017.3.23-2ubuntu0.18.04.2 7.58.0-2ubuntu3.18
155+
3 Medium vim 1:2017.3.23-2ubuntu0.18.04.2
156+
1 Low python3.6 1:2017.3.23-2ubuntu0.18.04.2 3.6.9-1~18.04ubuntu1.8
157+
1 Low open-iscsi 1:2017.3.23-2ubuntu0.18.04.2
158+
1 Low bash 1:2017.3.23-2ubuntu0.18.04.2 4.4.18-2ubuntu1.3 ACTIVE
159+
1 Info libfribidi0 1:2017.3.23-2ubuntu0.18.04.2
160+
1 Info dirmngr 1:2017.3.23-2ubuntu0.18.04.2
161+
1 Info linux-aws-5.4-headers-5.4.0-1049 1:2017.3.23-2ubuntu0.18.04.2
162+
1 Info lsb-release 1:2017.3.23-2ubuntu0.18.04.2
163+
1 Info libnuma1 1:2017.3.23-2ubuntu0.18.04.2
164+
1 Info libpython3.6-minimal 1:2017.3.23-2ubuntu0.18.04.2
165+
1 Info linux-aws-5.4-headers-5.4.0-1039 1:2017.3.23-2ubuntu0.18.04.2
166+
1 Info libpsl5 1:2017.3.23-2ubuntu0.18.04.2
167+
1 Info publicsuffix 1:2017.3.23-2ubuntu0.18.04.2
168+
1 Info libpython3.6 1:2017.3.23-2ubuntu0.18.04.2
169+
1 Info telnet 1:2017.3.23-2ubuntu0.18.04.2
170+
1 Info htop 1:2017.3.23-2ubuntu0.18.04.2
171+
1 Info libcurl4 1:2017.3.23-2ubuntu0.18.04.2
159172
160173
Try adding '--active' to only show vulnerabilities of packages actively running.
161174
`
@@ -191,7 +204,7 @@ func TestBuildVulnHostReportsWithVulnerabilitiesPackagesViewWithFilters(t *testi
191204
192205
Try adding '--active' to only show vulnerabilities of packages actively running.
193206
194-
1 of 8 cve(s) showing
207+
1 of 22 cve(s) showing
195208
`
196209
assert.Equal(t, strings.TrimPrefix(expectedTable, "\n"), cliOutput)
197210
}
@@ -224,7 +237,7 @@ func TestBuildVulnHostReportsWithVulnerabilitiesWithFiltersSeverity(t *testing.T
224237
225238
Try adding '--active' to only show vulnerabilities of packages actively running.
226239
227-
1 of 8 cve(s) showing
240+
1 of 22 cve(s) showing
228241
`
229242
assert.Equal(t, strings.TrimPrefix(expectedTable, "\n"), cliOutput)
230243
}
@@ -257,7 +270,7 @@ func TestBuildVulnHostReportsWithVulnerabilitiesWithFiltersActive(t *testing.T)
257270
258271
Try adding '--fixable' to only show fixable vulnerabilities.
259272
260-
1 of 8 cve(s) showing
273+
1 of 22 cve(s) showing
261274
`
262275
assert.Equal(t, strings.TrimPrefix(expectedTable, "\n"), cliOutput)
263276
}
@@ -304,7 +317,7 @@ There are no high vulnerabilities of packages actively running in your environme
304317
305318
Try adding '--fixable' to only show fixable vulnerabilities.
306319
307-
0 of 8 cve(s) showing
320+
0 of 22 cve(s) showing
308321
`
309322
assert.Equal(t, strings.TrimPrefix(expectedTable, "\n"), cliOutput)
310323
}
@@ -335,7 +348,7 @@ There are no critical vulnerabilities in your environment.
335348
336349
Try adding '--active' to only show vulnerabilities of packages actively running.
337350
338-
0 of 8 cve(s) showing
351+
0 of 22 cve(s) showing
339352
`
340353
assert.Equal(t, strings.TrimPrefix(expectedTable, "\n"), cliOutput)
341354
}
@@ -362,12 +375,25 @@ func TestBuildCSVVulnHostReportsWithVulnerabilitiesPackagesViewAndNoFilters(t *t
362375
expected := `
363376
CVE Count,Severity,Package,Current Version,Fix Version,Pkg Status
364377
1,High,linux-aws,1:2017.3.23-2ubuntu0.18.04.2,,
365-
2,Medium,vim,1:2017.3.23-2ubuntu0.18.04.2,,
366-
1,Medium,curl,1:2017.3.23-2ubuntu0.18.04.2,7.58.0-2ubuntu3.18,
367378
1,Medium,ntfs-3g,1:2017.3.23-2ubuntu0.18.04.2,1:2017.3.23-2ubuntu0.18.04.4,
368-
1,Low,bash,1:2017.3.23-2ubuntu0.18.04.2,4.4.18-2ubuntu1.3,ACTIVE
369-
1,Low,open-iscsi,1:2017.3.23-2ubuntu0.18.04.2,,
379+
1,Medium,curl,1:2017.3.23-2ubuntu0.18.04.2,7.58.0-2ubuntu3.18,
380+
3,Medium,vim,1:2017.3.23-2ubuntu0.18.04.2,,
370381
1,Low,python3.6,1:2017.3.23-2ubuntu0.18.04.2,3.6.9-1~18.04ubuntu1.8,
382+
1,Low,open-iscsi,1:2017.3.23-2ubuntu0.18.04.2,,
383+
1,Low,bash,1:2017.3.23-2ubuntu0.18.04.2,4.4.18-2ubuntu1.3,ACTIVE
384+
1,Info,libfribidi0,1:2017.3.23-2ubuntu0.18.04.2,,
385+
1,Info,dirmngr,1:2017.3.23-2ubuntu0.18.04.2,,
386+
1,Info,linux-aws-5.4-headers-5.4.0-1049,1:2017.3.23-2ubuntu0.18.04.2,,
387+
1,Info,lsb-release,1:2017.3.23-2ubuntu0.18.04.2,,
388+
1,Info,libnuma1,1:2017.3.23-2ubuntu0.18.04.2,,
389+
1,Info,libpython3.6-minimal,1:2017.3.23-2ubuntu0.18.04.2,,
390+
1,Info,linux-aws-5.4-headers-5.4.0-1039,1:2017.3.23-2ubuntu0.18.04.2,,
391+
1,Info,libpsl5,1:2017.3.23-2ubuntu0.18.04.2,,
392+
1,Info,publicsuffix,1:2017.3.23-2ubuntu0.18.04.2,,
393+
1,Info,libpython3.6,1:2017.3.23-2ubuntu0.18.04.2,,
394+
1,Info,telnet,1:2017.3.23-2ubuntu0.18.04.2,,
395+
1,Info,htop,1:2017.3.23-2ubuntu0.18.04.2,,
396+
1,Info,libcurl4,1:2017.3.23-2ubuntu0.18.04.2,,
371397
`
372398
cliOutput := capturer.CaptureOutput(func() {
373399
assert.Nil(t, buildVulnHostReports(mockHostVulnerabilityAssessment()))
@@ -424,7 +450,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
424450
"props": {
425451
"isDailyJob": 1
426452
},
427-
"startTime": "2022-09-23T03:00:00.000Z"
453+
"startTime": "2022-09-23T03:00:00.000Z",
454+
"severity": "Info",
455+
"vulnId": "CVE-14"
428456
},
429457
{
430458
"cveProps": {
@@ -464,7 +492,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
464492
"props": {
465493
"isDailyJob": 1
466494
},
467-
"startTime": "2022-09-23T03:00:00.000Z"
495+
"startTime": "2022-09-23T03:00:00.000Z",
496+
"severity": "Info",
497+
"vulnId": "CVE-13"
468498
},
469499
{
470500
"cveProps": {
@@ -504,7 +534,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
504534
"props": {
505535
"isDailyJob": 1
506536
},
507-
"startTime": "2022-09-23T03:00:00.000Z"
537+
"startTime": "2022-09-23T03:00:00.000Z",
538+
"severity": "Info",
539+
"vulnId": "CVE-12"
508540
},
509541
{
510542
"cveProps": {
@@ -544,7 +576,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
544576
"props": {
545577
"isDailyJob": 1
546578
},
547-
"startTime": "2022-09-23T03:00:00.000Z"
579+
"startTime": "2022-09-23T03:00:00.000Z",
580+
"severity": "Info",
581+
"vulnId": "CVE-11"
548582
},
549583
{
550584
"cveProps": {
@@ -846,7 +880,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
846880
"props": {
847881
"isDailyJob": 1
848882
},
849-
"startTime": "2022-09-23T03:00:00.000Z"
883+
"startTime": "2022-09-23T03:00:00.000Z",
884+
"severity": "Info",
885+
"vulnId": "CVE-10"
850886
},
851887
{
852888
"cveProps": {
@@ -886,7 +922,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
886922
"props": {
887923
"isDailyJob": 1
888924
},
889-
"startTime": "2022-09-23T03:00:00.000Z"
925+
"startTime": "2022-09-23T03:00:00.000Z",
926+
"severity": "Info",
927+
"vulnId": "CVE-9"
890928
},
891929
{
892930
"cveProps": {
@@ -926,7 +964,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
926964
"props": {
927965
"isDailyJob": 1
928966
},
929-
"startTime": "2022-09-23T03:00:00.000Z"
967+
"startTime": "2022-09-23T03:00:00.000Z",
968+
"severity": "Info",
969+
"vulnId": "CVE-8"
930970
},
931971
{
932972
"cveProps": {
@@ -1031,7 +1071,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
10311071
"props": {
10321072
"isDailyJob": 1
10331073
},
1034-
"startTime": "2022-09-23T03:00:00.000Z"
1074+
"startTime": "2022-09-23T03:00:00.000Z",
1075+
"severity": "Info",
1076+
"vulnId": "CVE-7"
10351077
},
10361078
{
10371079
"cveProps": {
@@ -1071,7 +1113,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
10711113
"props": {
10721114
"isDailyJob": 1
10731115
},
1074-
"startTime": "2022-09-23T03:00:00.000Z"
1116+
"startTime": "2022-09-23T03:00:00.000Z",
1117+
"severity": "Info",
1118+
"vulnId": "CVE-6"
10751119
},
10761120
{
10771121
"cveProps": {
@@ -1111,7 +1155,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
11111155
"props": {
11121156
"isDailyJob": 1
11131157
},
1114-
"startTime": "2022-09-23T03:00:00.000Z"
1158+
"startTime": "2022-09-23T03:00:00.000Z",
1159+
"severity": "Info",
1160+
"vulnId": "CVE-5"
11151161
},
11161162
{
11171163
"cveProps": {
@@ -1151,7 +1197,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
11511197
"props": {
11521198
"isDailyJob": 1
11531199
},
1154-
"startTime": "2022-09-23T03:00:00.000Z"
1200+
"startTime": "2022-09-23T03:00:00.000Z",
1201+
"severity": "Info",
1202+
"vulnId": "CVE-4"
11551203
},
11561204
{
11571205
"cveProps": {
@@ -1322,7 +1370,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
13221370
"props": {
13231371
"isDailyJob": 1
13241372
},
1325-
"startTime": "2022-09-23T03:00:00.000Z"
1373+
"startTime": "2022-09-23T03:00:00.000Z",
1374+
"severity": "Info",
1375+
"vulnId": "CVE-3"
13261376
},
13271377
{
13281378
"cveProps": {
@@ -1362,7 +1412,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
13621412
"props": {
13631413
"isDailyJob": 1
13641414
},
1365-
"startTime": "2022-09-23T03:00:00.000Z"
1415+
"startTime": "2022-09-23T03:00:00.000Z",
1416+
"severity": "Info",
1417+
"vulnId": "CVE-2"
13661418
},
13671419
{
13681420
"cveProps": {
@@ -1402,7 +1454,9 @@ func mockHostVulnerabilityAssessment() api.VulnerabilitiesHostResponse {
14021454
"props": {
14031455
"isDailyJob": 1
14041456
},
1405-
"startTime": "2022-09-23T03:00:00.000Z"
1457+
"startTime": "2022-09-23T03:00:00.000Z",
1458+
"severity": "Info",
1459+
"vulnId": "CVE-1"
14061460
},
14071461
{
14081462
"cveProps": {
@@ -1529,10 +1583,24 @@ var expectedCSVHostDetailsTable = `
15291583
CVE ID,Severity,Score,Package,Package Namespace,Current Version,Fix Version,Pkg Status,First Seen,Last Status Update,Vuln Status
15301584
CVE-2022-33741,High,3.6,7.1,linux-aws,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,2022-09-16 03:00:00 +0000 UTC,2022-09-17 03:00:00 +0000 UTC,
15311585
CVE-2022-30787,Medium,4.6,6.7,ntfs-3g,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,1:2017.3.23-2ubuntu0.18.04.4,,2022-06-08 03:00:00 +0000 UTC,2022-06-09 03:00:00 +0000 UTC,
1532-
CVE-2022-0351,Medium,4.6,7.8,vim,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,2022-01-30 03:00:00 +0000 UTC,2022-01-31 03:00:00 +0000 UTC,
15331586
CVE-2022-27782,Medium,5.0,7.5,curl,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,7.58.0-2ubuntu3.18,,2022-05-12 03:00:00 +0000 UTC,2022-05-13 03:00:00 +0000 UTC,
1534-
CVE-2020-13988,Low,5.0,7.5,open-iscsi,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,2021-01-23 03:00:00 +0000 UTC,2021-01-24 03:00:00 +0000 UTC,
1587+
CVE-2022-0351,Medium,4.6,7.8,vim,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,2022-01-30 03:00:00 +0000 UTC,2022-01-31 03:00:00 +0000 UTC,
1588+
CVE-2019-18276,Low,7.2,7.8,bash,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,4.4.18-2ubuntu1.3,ACTIVE,2021-01-05 11:00:00 +0000 UTC,2021-01-06 03:00:00 +0000 UTC,ACTIVE
15351589
CVE-2022-2129,Low,6.8,7.8,vim,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,2022-07-20 03:00:00 +0000 UTC,2022-07-21 03:00:00 +0000 UTC,
1590+
CVE-2020-13988,Low,5.0,7.5,open-iscsi,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,2021-01-23 03:00:00 +0000 UTC,2021-01-24 03:00:00 +0000 UTC,
15361591
CVE-2015-20107,Low,10.0,9.8,python3.6,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,3.6.9-1~18.04ubuntu1.8,,2022-04-16 03:00:00 +0000 UTC,2022-04-17 03:00:00 +0000 UTC,
1537-
CVE-2019-18276,Low,7.2,7.8,bash,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,4.4.18-2ubuntu1.3,ACTIVE,2021-01-05 11:00:00 +0000 UTC,2021-01-06 03:00:00 +0000 UTC,ACTIVE
1592+
CVE-13,Info,0.0,0.0,lsb-release,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1593+
CVE-2,Info,0.0,0.0,dirmngr,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1594+
CVE-14,Info,0.0,0.0,linux-aws-5.4-headers-5.4.0-1049,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1595+
CVE-1,Info,0.0,0.0,libfribidi0,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1596+
CVE-12,Info,0.0,0.0,libnuma1,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1597+
CVE-11,Info,0.0,0.0,libpython3.6-minimal,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1598+
CVE-10,Info,0.0,0.0,linux-aws-5.4-headers-5.4.0-1039,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1599+
CVE-3,Info,0.0,0.0,libpsl5,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1600+
CVE-4,Info,0.0,0.0,publicsuffix,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1601+
CVE-5,Info,0.0,0.0,vim,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1602+
CVE-6,Info,0.0,0.0,libpython3.6,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1603+
CVE-7,Info,0.0,0.0,telnet,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1604+
CVE-8,Info,0.0,0.0,htop,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
1605+
CVE-9,Info,0.0,0.0,libcurl4,ubuntu:18.04,1:2017.3.23-2ubuntu0.18.04.2,,,,,
15381606
`

0 commit comments

Comments
 (0)