Coverage for turvallisuusneuvonta/csaf/core/rules/mandatory/consistent_product_status.py: 0.00%
3 statements
« prev ^ index » next coverage.py v7.6.9, created at 2024-12-18 20:29:38 +00:00
« prev ^ index » next coverage.py v7.6.9, created at 2024-12-18 20:29:38 +00:00
1"""6.1.6 Contradicting Product Status
3For each item in /vulnerabilities it must be tested that the same Product ID is not member of contradicting
4product status groups.
5The sets formed by the contradicting groups within one vulnerability item must be pairwise disjoint.
7Contradiction groups are:
9Affected:
11* /vulnerabilities[]/product_status/first_affected[]
12* /vulnerabilities[]/product_status/known_affected[]
13* /vulnerabilities[]/product_status/last_affected[]
15Not affected:
17* /vulnerabilities[]/product_status/known_not_affected[]
19Fixed:
21* /vulnerabilities[]/product_status/first_fixed[]
22* /vulnerabilities[]/product_status/fixed[]
24Under investigation:
26* /vulnerabilities[]/product_status/under_investigation[]
28Note: An issuer might recommend (/vulnerabilities[]/product_status/recommended) a product version from any group -
29also from the affected group, i.e. if it was discoveres that fixed versions introduce a more severe vulnerability.
31Example 45 which fails the test:
33 "product_tree": {
34 "full_product_names": [
35 {
36 "product_id": "CSAFPID-9080700",
37 "name": "Product A"
38 }
39 ]
40 },
41 "vulnerabilities": [
42 {
43 "product_status": {
44 "known_affected": [
45 "CSAFPID-9080700"
46 ],
47 "known_not_affected": [
48 "CSAFPID-9080700"
49 ]
50 }
51 }
52 ]
54CSAFPID-9080700 is a member of the two contradicting groups "Affected" and "Not affected".
55"""
57ID = (6, 1, 6)
58TOPIC = 'Contradicting Product Status'
60PATHS = {
61 'affected': (
62 '/vulnerabilities[]/product_status/first_affected[]',
63 '/vulnerabilities[]/product_status/known_affected[]',
64 '/vulnerabilities[]/product_status/last_affected[]',
65 ),
66 'not_affected': ('/vulnerabilities[]/product_status/known_not_affected[]',),
67 'fixed': (
68 '/vulnerabilities[]/product_status/first_fixed[]',
69 '/vulnerabilities[]/product_status/fixed[]',
70 ),
71 'under_investigation': ('/vulnerabilities[]/product_status/under_investigation[]',),
72}