Skip to content

Commit 7689246

Browse files
TG1999TG1999
committed
Address review comments
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
1 parent 921898c commit 7689246

File tree

2 files changed

+37
-41
lines changed

2 files changed

+37
-41
lines changed

vulnerabilities/templates/vulnerability_details.html

Lines changed: 36 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -408,8 +408,8 @@
408408

409409
<div class="tab-div content" data-content="severities-vectors">
410410
{% for severity_vector in severity_vectors %}
411-
{% if severity_vector.version == '2.0' %}
412-
Vector: {{ severity_vector.vectorString }}
411+
{% if severity_vector.vector.version == '2.0' %}
412+
Vector: {{ severity_vector.vector.vectorString }} Found at <a href="{{ severity_vector.origin }}" target="_blank">{{ severity_vector.origin }}</a>
413413
<table class="table is-bordered is-striped is-narrow is-hoverable is-fullwidth gray-header-border">
414414
<tr>
415415
<th>Exploitability (E)</th>
@@ -421,17 +421,17 @@
421421
<th>Availability Impact (A)</th>
422422
</tr>
423423
<tr>
424-
<td>{{ severity_vector.exploitability|cvss_printer:"high,functional,unproven,proof_of_concept,not_defined" }}</td>
425-
<td>{{ severity_vector.accessVector|cvss_printer:"local,adjacent_network,network" }}</td>
426-
<td>{{ severity_vector.accessComplexity|cvss_printer:"high,medium,low" }}</td>
427-
<td>{{ severity_vector.authentication|cvss_printer:"multiple,single,none" }}</td>
428-
<td>{{ severity_vector.confidentialityImpact|cvss_printer:"none,partial,complete" }}</td>
429-
<td>{{ severity_vector.integrityImpact|cvss_printer:"none,partial,complete" }}</td>
430-
<td>{{ severity_vector.availabilityImpact|cvss_printer:"none,partial,complete" }}</td>
424+
<td>{{ severity_vector.vector.exploitability|cvss_printer:"high,functional,unproven,proof_of_concept,not_defined" }}</td>
425+
<td>{{ severity_vector.vector.accessVector|cvss_printer:"local,adjacent_network,network" }}</td>
426+
<td>{{ severity_vector.vector.accessComplexity|cvss_printer:"high,medium,low" }}</td>
427+
<td>{{ severity_vector.vector.authentication|cvss_printer:"multiple,single,none" }}</td>
428+
<td>{{ severity_vector.vector.confidentialityImpact|cvss_printer:"none,partial,complete" }}</td>
429+
<td>{{ severity_vector.vector.integrityImpact|cvss_printer:"none,partial,complete" }}</td>
430+
<td>{{ severity_vector.vector.availabilityImpact|cvss_printer:"none,partial,complete" }}</td>
431431
</tr>
432432
</table>
433-
{% elif severity_vector.version == '3.1' or severity_vector.version == '3.0'%}
434-
Vector: {{ severity_vector.vectorString }}
433+
{% elif severity_vector.vector.version == '3.1' or severity_vector.vector.version == '3.0'%}
434+
Vector: {{ severity_vector.vector.vectorString }} Found at <a href="{{ severity_vector.origin }}" target="_blank">{{ severity_vector.origin }}</a>
435435
<table class="table is-bordered is-striped is-narrow is-hoverable is-fullwidth gray-header-border">
436436
<tr>
437437
<th>Attack Vector (AV)</th>
@@ -444,18 +444,18 @@
444444
<th>Availability Impact (A)</th>
445445
</tr>
446446
<tr>
447-
<td>{{ severity_vector.attackVector|cvss_printer:"network,adjacent_network,local,physical"}}</td>
448-
<td>{{ severity_vector.attackComplexity|cvss_printer:"low,high" }}</td>
449-
<td>{{ severity_vector.privilegesRequired|cvss_printer:"none,low,high" }}</td>
450-
<td>{{ severity_vector.userInteraction|cvss_printer:"none,required"}}</td>
451-
<td>{{ severity_vector.scope|cvss_printer:"unchanged,changed" }}</td>
452-
<td>{{ severity_vector.confidentialityImpact|cvss_printer:"high,low,none" }}</td>
453-
<td>{{ severity_vector.integrityImpact|cvss_printer:"high,low,none" }}</td>
454-
<td>{{ severity_vector.availabilityImpact|cvss_printer:"high,low,none" }}</td>
447+
<td>{{ severity_vector.vector.attackVector|cvss_printer:"network,adjacent_network,local,physical"}}</td>
448+
<td>{{ severity_vector.vector.attackComplexity|cvss_printer:"low,high" }}</td>
449+
<td>{{ severity_vector.vector.privilegesRequired|cvss_printer:"none,low,high" }}</td>
450+
<td>{{ severity_vector.vector.userInteraction|cvss_printer:"none,required"}}</td>
451+
<td>{{ severity_vector.vector.scope|cvss_printer:"unchanged,changed" }}</td>
452+
<td>{{ severity_vector.vector.confidentialityImpact|cvss_printer:"high,low,none" }}</td>
453+
<td>{{ severity_vector.vector.integrityImpact|cvss_printer:"high,low,none" }}</td>
454+
<td>{{ severity_vector.vector.availabilityImpact|cvss_printer:"high,low,none" }}</td>
455455
</tr>
456456
</table>
457-
{% elif severity_vector.version == '4' %}
458-
Vector: {{ severity_vector.vectorString }}
457+
{% elif severity_vector.vector.version == '4' %}
458+
Vector: {{ severity_vector.vector.vectorString }} Found at <a href="{{ severity_vector.origin }}" target="_blank">{{ severity_vector.origin }}</a>
459459
<table class="table is-bordered is-striped is-narrow is-hoverable is-fullwidth gray-header-border">
460460
<tr>
461461
<th>Attack Vector (AV)</th>
@@ -473,24 +473,24 @@
473473
<th>Subsequent System Impact Availability (SA)</th>
474474
</tr>
475475
<tr>
476-
<td>{{ severity_vector.attackVector|cvss_printer:"network,adjacent,local,physical"}}</td>
477-
<td>{{ severity_vector.attackComplexity|cvss_printer:"low,high" }}</td>
478-
<td>{{ severity_vector.attackRequirement|cvss_printer:"none,present" }}</td>
479-
<td>{{ severity_vector.privilegesRequired|cvss_printer:"none,low,high" }}</td>
480-
<td>{{ severity_vector.userInteraction|cvss_printer:"none,passive,active"}}</td>
481-
482-
<td>{{ severity_vector.vulnerableSystemImpactConfidentiality|cvss_printer:"high,low,none" }}</td>
483-
<td>{{ severity_vector.vulnerableSystemImpactIntegrity|cvss_printer:"high,low,none" }}</td>
484-
<td>{{ severity_vector.vulnerableSystemImpactAvailability|cvss_printer:"high,low,none" }}</td>
485-
486-
<td>{{ severity_vector.subsequentSystemImpactConfidentiality|cvss_printer:"high,low,none" }}</td>
487-
<td>{{ severity_vector.subsequentSystemImpactIntegrity|cvss_printer:"high,low,none" }}</td>
488-
<td>{{ severity_vector.subsequentSystemImpactAvailability|cvss_printer:"high,low,none" }}</td>
476+
<td>{{ severity_vector.vector.attackVector|cvss_printer:"network,adjacent,local,physical"}}</td>
477+
<td>{{ severity_vector.vector.attackComplexity|cvss_printer:"low,high" }}</td>
478+
<td>{{ severity_vector.vector.attackRequirement|cvss_printer:"none,present" }}</td>
479+
<td>{{ severity_vector.vector.privilegesRequired|cvss_printer:"none,low,high" }}</td>
480+
<td>{{ severity_vector.vector.userInteraction|cvss_printer:"none,passive,active"}}</td>
481+
482+
<td>{{ severity_vector.vector.vulnerableSystemImpactConfidentiality|cvss_printer:"high,low,none" }}</td>
483+
<td>{{ severity_vector.vector.vulnerableSystemImpactIntegrity|cvss_printer:"high,low,none" }}</td>
484+
<td>{{ severity_vector.vector.vulnerableSystemImpactAvailability|cvss_printer:"high,low,none" }}</td>
485+
486+
<td>{{ severity_vector.vector.subsequentSystemImpactConfidentiality|cvss_printer:"high,low,none" }}</td>
487+
<td>{{ severity_vector.vector.subsequentSystemImpactIntegrity|cvss_printer:"high,low,none" }}</td>
488+
<td>{{ severity_vector.vector.subsequentSystemImpactAvailability|cvss_printer:"high,low,none" }}</td>
489489
</tr>
490490
</table>
491-
{% elif severity_vector.version == 'ssvc' %}
491+
{% elif severity_vector.vector.version == 'ssvc' %}
492492
<hr/>
493-
Vector: {{ severity_vector.vectorString }}
493+
Vector: {{ severity_vector.vector.vectorString }} Found at <a href="{{ severity_vector.origin }}" target="_blank">{{ severity_vector.origin }}</a>
494494
<hr/>
495495
{% endif %}
496496
{% empty %}

vulnerabilities/views.py

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -183,15 +183,14 @@ def get_context_data(self, **kwargs):
183183
]
184184

185185
severity_vectors = []
186-
severity_values = set()
187186
for s in self.object.severities.all():
188187
if s.scoring_system == EPSS.identifier:
189188
continue
190189

191190
if s.scoring_elements and s.scoring_system in SCORING_SYSTEMS:
192191
try:
193192
vector_values = SCORING_SYSTEMS[s.scoring_system].get(s.scoring_elements)
194-
severity_vectors.append(vector_values)
193+
severity_vectors.append({"vector": vector_values, "origin": s.url})
195194
except (
196195
CVSS2MalformedError,
197196
CVSS3MalformedError,
@@ -200,9 +199,6 @@ def get_context_data(self, **kwargs):
200199
):
201200
logging.error(f"CVSSMalformedError for {s.scoring_elements}")
202201

203-
if s.value:
204-
severity_values.add(s.value)
205-
206202
context.update(
207203
{
208204
"vulnerability": vulnerability,

0 commit comments

Comments
 (0)