Add missing affected_packages

ziadhany · ziadhany · commit fc88a43db52d · 2026-02-04T02:24:50.000+02:00
Signed-off-by: ziad hany &lt;ziadhany2016@gmail.com&gt;
diff --git a/vulnerabilities/pipelines/v2_importers/retiredotnet_importer.py b/vulnerabilities/pipelines/v2_importers/retiredotnet_importer.py
@@ -94,7 +94,7 @@ def collect_advisories(self):
                     if fixed_versions:
                         fixed_version_range = NugetVersionRange.from_versions(affected_versions)
 
-                    if affected_packages:
+                    if affected_version_range or fixed_version_range:
                         affected_packages.append(
                             AffectedPackageV2(
                                 package=PackageURL(type="nuget", name=name),
diff --git a/vulnerabilities/tests/pipelines/v2_importers/test_retiredotnet_imprter.py b/vulnerabilities/tests/pipelines/v2_importers/test_retiredotnet_imprter.py
@@ -35,7 +35,7 @@ def test_vuln_id_from_desc():
 @pytest.mark.django_db
 def test_retiredotnet_advisories_per_file():
     pipeline = RetireDotnetImporterPipeline()
-    test_file = TEST_DATA / "1.json"
+    test_file = TEST_DATA / "12.json"
     expected_file = TEST_DATA / "expected_file.json"
     pipeline.vcs_response = Mock(dest_dir=TEST_DATA)
 
diff --git a/vulnerabilities/tests/test_data/retiredotnet_v2/1.json b/vulnerabilities/tests/test_data/retiredotnet_v2/1.json
diff --git a/vulnerabilities/tests/test_data/retiredotnet_v2/12.json b/vulnerabilities/tests/test_data/retiredotnet_v2/12.json
@@ -0,0 +1,176 @@
+{
+  "link": "https://github.com/aspnet/Announcements/issues/334",
+  "description": "Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability",
+  "packages": [
+    {
+      "id": "Microsoft.AspNetCore.WebSockets",
+      "affected": "2.1.0",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.WebSockets",
+      "affected": "2.1.1",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.WebSockets",
+      "affected": "2.2.0",
+      "fix": "2.2.1"
+    },
+    {
+      "id": "Microsoft.AspNetCore.Server.Kestrel.Core",
+      "affected": "2.1.0",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.Server.Kestrel.Core",
+      "affected": "2.1.1",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.Server.Kestrel.Core",
+      "affected": "2.1.2",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.Server.Kestrel.Core",
+      "affected": "2.1.3",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "System.Net.WebSockets.WebSocketProtocol",
+      "affected": "4.5.0",
+      "fix": "4.5.3"
+    },
+    {
+      "id": "System.Net.WebSockets.WebSocketProtocol",
+      "affected": "4.5.1",
+      "fix": "4.5.3"
+    },
+    {
+      "id": "System.Net.WebSockets.WebSocketProtocol",
+      "affected": "4.5.2",
+      "fix": "4.5.3"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.1.0",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.1.1",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.1.2",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.1.3",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.1.4",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.1.5",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.1.6",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.NETCore.App",
+      "affected": "2.2.0",
+      "fix": "2.2.1"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.1.0",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.1.1",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.1.2",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.1.3",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.1.4",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.1.5",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.1.6",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.App",
+      "affected": "2.2.0",
+      "fix": "2.2.1"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.1.0",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.1.1",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.1.2",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.1.3",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.1.4",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.1.5",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.1.6",
+      "fix": "2.1.7"
+    },
+    {
+      "id": "Microsoft.AspNetCore.All",
+      "affected": "2.2.0",
+      "fix": "2.2.1"
+    }
+  ]
+}
diff --git a/vulnerabilities/tests/test_data/retiredotnet_v2/expected_file.json b/vulnerabilities/tests/test_data/retiredotnet_v2/expected_file.json
@@ -1,22 +1,107 @@
 [
   {
-    "advisory_id": "RetireNet-1",
+    "advisory_id": "RetireNet-12",
     "aliases": [
-      "CVE-2019-0982"
+      "CVE-2019-0564"
+    ],
+    "summary": "Microsoft Security Advisory CVE-2019-0564: ASP.NET Core Denial of Service Vulnerability",
+    "affected_packages": [
+      {
+        "package": {
+          "type": "nuget",
+          "namespace": "",
+          "name": "Microsoft.AspNetCore.All",
+          "version": "",
+          "qualifiers": "",
+          "subpath": ""
+        },
+        "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
+        "fixed_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
+        "introduced_by_commit_patches": [],
+        "fixed_by_commit_patches": []
+      },
+      {
+        "package": {
+          "type": "nuget",
+          "namespace": "",
+          "name": "Microsoft.AspNetCore.App",
+          "version": "",
+          "qualifiers": "",
+          "subpath": ""
+        },
+        "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
+        "fixed_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
+        "introduced_by_commit_patches": [],
+        "fixed_by_commit_patches": []
+      },
+      {
+        "package": {
+          "type": "nuget",
+          "namespace": "",
+          "name": "Microsoft.AspNetCore.Server.Kestrel.Core",
+          "version": "",
+          "qualifiers": "",
+          "subpath": ""
+        },
+        "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3",
+        "fixed_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3",
+        "introduced_by_commit_patches": [],
+        "fixed_by_commit_patches": []
+      },
+      {
+        "package": {
+          "type": "nuget",
+          "namespace": "",
+          "name": "Microsoft.AspNetCore.WebSockets",
+          "version": "",
+          "qualifiers": "",
+          "subpath": ""
+        },
+        "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.2.0",
+        "fixed_version_range": "vers:nuget/2.1.0|2.1.1|2.2.0",
+        "introduced_by_commit_patches": [],
+        "fixed_by_commit_patches": []
+      },
+      {
+        "package": {
+          "type": "nuget",
+          "namespace": "",
+          "name": "Microsoft.NETCore.App",
+          "version": "",
+          "qualifiers": "",
+          "subpath": ""
+        },
+        "affected_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
+        "fixed_version_range": "vers:nuget/2.1.0|2.1.1|2.1.2|2.1.3|2.1.4|2.1.5|2.1.6|2.2.0",
+        "introduced_by_commit_patches": [],
+        "fixed_by_commit_patches": []
+      },
+      {
+        "package": {
+          "type": "nuget",
+          "namespace": "",
+          "name": "System.Net.WebSockets.WebSocketProtocol",
+          "version": "",
+          "qualifiers": "",
+          "subpath": ""
+        },
+        "affected_version_range": "vers:nuget/4.5.0|4.5.1|4.5.2",
+        "fixed_version_range": "vers:nuget/4.5.0|4.5.1|4.5.2",
+        "introduced_by_commit_patches": [],
+        "fixed_by_commit_patches": []
+      }
     ],
-    "summary": "Microsoft Security Advisory CVE-2019-0982: ASP.NET Core Denial of Service Vulnerability",
-    "affected_packages": [],
     "references_v2": [
       {
         "reference_id": "",
         "reference_type": "",
-        "url": "https://github.com/aspnet/Announcements/issues/359"
+        "url": "https://github.com/aspnet/Announcements/issues/334"
       }
     ],
     "patches": [],
     "severities": [],
     "date_published": null,
     "weaknesses": [],
-    "url": "https://github.com/RetireNet/Packages/blob/master/1.json"
+    "url": "https://github.com/RetireNet/Packages/blob/master/12.json"
   }
 ]
