Skip to content

Commit

Permalink
feat: change test_vulnerability cases
Browse files Browse the repository at this point in the history
  • Loading branch information
@rafabailon
rafabailon committed Feb 21, 2024
1 parent 53dc845 commit bfa9004
Showing 1 changed file with 66 additions and 83 deletions.
149 changes: 66 additions & 83 deletions tests/end_to_end/test_vulnerability_detector/cases/test_vulnerability.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,14 @@
amd64: ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
arm64v8: ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
windows:
Used Package: VLC 3.0.6 - Exe Format
CVE: ["CVE-2023-47360", "CVE-2023-47359", "CVE-2023-46814", "CVE-2022-41325", "CVE-2020-26664", "CVE-2019-19721", "CVE-2019-13962", "CVE-2019-13602", "CVE-2019-12874", "CVE-2019-5460", "CVE-2019-5459", "CVE-2019-5439"],
Used Package: Node 17.0.1 - Exe Format
CVE: ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
ubuntu:
Used Package Grafana 8.5.5 - .deb Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Mysql 5.5.20 - .deb Format
CVE: ["CVE-2023-22028", "CVE-2023-22026", "CVE-2023-22015", "CVE-2023-22007", "CVE-2023-21980", "CVE-2023-21977", "CVE-2022-21444", "CVE-2022-21417", "CVE-2021-22570", "CVE-2021-2356", "CVE-2020-15358", "CVE-2020-14852", "CVE-2020-14846", "CVE-2020-14845", "CVE-2020-14839", "CVE-2020-14837", "CVE-2020-14830"]
centos:
Used Package Grafana - .rpm Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Openjdk 1.6.0 - .rpm Format
CVE: ["CVE-2023-21967", "CVE-2023-21954", "CVE-2023-21939", "CVE-2023-21938", "CVE-2023-21937", "CVE-2023-21930", "CVE-2014-2405", "CVE-2014-1876", "CVE-2014-0462", "CVE-2012-5373", "CVE-2012-2739"]
preconditions: null
body:
tasks:
Expand All @@ -26,13 +26,11 @@
state_index: true
package:
centos:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: openjdk-1.6.0
ubuntu:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: mysql-5.5.20
windows:
amd64: vlc-3.0.6
amd64: node-v17.0.1
macos:
amd64: node-v17.0.1
arm64v8: node-v17.0.1
Expand All @@ -45,18 +43,18 @@
CVES Expected to mitigate:
["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
windows:
Used Package: VLC 3.0.6 - Exe Format
Used Package: Node 17.0.1 - Exe Format
CVES Expected to mitigate:
["CVE-2023-47360", "CVE-2023-47359", "CVE-2023-46814", "CVE-2022-41325", "CVE-2020-26664", "CVE-2019-19721", "CVE-2019-13962", "CVE-2019-13602", "CVE-2019-12874", "CVE-2019-5460", "CVE-2019-5459", "CVE-2019-5439"],
["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
ubuntu:
Used Package Grafana 8.5.5 - .deb Format
Used Package Mysql 5.5.20 - .deb Format
CVES Expected to mitigate:
["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
["CVE-2023-22028", "CVE-2023-22026", "CVE-2023-22015", "CVE-2023-22007", "CVE-2023-21980", "CVE-2023-21977", "CVE-2022-21444", "CVE-2022-21417", "CVE-2021-22570", "CVE-2021-2356", "CVE-2020-15358", "CVE-2020-14852", "CVE-2020-14846", "CVE-2020-14845", "CVE-2020-14839", "CVE-2020-14837", "CVE-2020-14830"]
centos:
Used Package Grafana - .rpm Format
Used Package Openjdk 1.6.0 - .rpm Format
CVE Expected to mitigate:
["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
["CVE-2023-21967", "CVE-2023-21954", "CVE-2023-21939", "CVE-2023-21938", "CVE-2023-21937", "CVE-2023-21930", "CVE-2014-2405", "CVE-2014-1876", "CVE-2014-0462", "CVE-2012-5373", "CVE-2012-2739"]
preconditions: null
body:
tasks:
Expand All @@ -67,13 +65,11 @@
state_index: true
package:
centos:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: openjdk-1.6.0
ubuntu:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: mysql-5.5.20
windows:
amd64: vlc-3.0.6
amd64: node-v17.0.1
macos:
amd64: node-v17.0.1
arm64v8: node-v17.0.1
Expand All @@ -87,14 +83,14 @@
amd64: ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
arm64v8: ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
windows:
Used Package: VLC 3.0.7 - Exe Format
Used Package: Node 17.1.0 - Exe Format
"CVE": ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
ubuntu:
Used Package Grafana 8.5.6 - .deb Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Mysql 5.5.21 - .deb Format
CVE: ["CVE-2023-22028", "CVE-2023-22026", "CVE-2023-22015", "CVE-2023-22007", "CVE-2023-21980", "CVE-2023-21977", "CVE-2022-21444", "CVE-2022-21417", "CVE-2021-22570", "CVE-2021-2356", "CVE-2020-15358", "CVE-2020-14852", "CVE-2020-14846", "CVE-2020-14845", "CVE-2020-14839", "CVE-2020-14837", "CVE-2020-14830"]
centos:
Used Package Grafana 8.5.6 - .rpm Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Openjdk 1.7.0 - .rpm Format
CVE: ["CVE-2023-21967", "CVE-2023-21954", "CVE-2023-21939", "CVE-2023-21938", "CVE-2023-21937", "CVE-2023-21930", "CVE-2014-8873", "CVE-2014-2483", "CVE-2014-1876", "CVE-2013-2461", "CVE-2012-5373", "CVE-2012-2739"]
preconditions:
tasks:
- operation: install_package
Expand All @@ -104,13 +100,11 @@
state_index: true
package:
centos:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: openjdk-1.6.0"
ubuntu:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: mysql-5.5.20
windows:
amd64: vlc-3.0.6
amd64: node-v17.0.1
macos:
amd64: node-v17.0.1
arm64v8: node-v17.0.1
Expand All @@ -124,24 +118,21 @@
package:
from:
centos:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: openjdk-1.6.0"
ubuntu:
amd64: grafana-8.5.5
arm64v8: grafana-8.5.5
amd64: mysql-5.5.20
windows:
amd64: vlc-3.0.6
amd64: node-v17.0.1
macos:
amd64: node-v17.0.1
arm64v8: node-v17.0.1
to:
centos:
amd64: firefox-91.13.0
arm64v8: grafana-8.5.6
amd64: openjdk-1.7.0"
ubuntu:
amd64: grafana-8.5.6
amd64: mysql-5.5.21
windows:
amd64: vlc-3.0.6
amd64: node-v17.1.0
macos:
amd64: node-v17.1.0
arm64v8: node-v17.1.0
Expand All @@ -154,14 +145,14 @@
Used Package: Node 18.11.0 - PKG Format
CVES: ["CVE-2023-38552", "CVE-2023-32559", "CVE-2023-32006", "CVE-2023-32002", "CVE-2023-30590", "CVE-2023-30588", "CVE-2023-30585", "CVE-2023-30581", "CVE-2023-23920", "CVE-2023-23919", "CVE-2023-23918", "CVE-2022-32222"],
windows:
Used Package: VLC 3.0.7.1 - Exe Format
"CVE": ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
Used Package: Node 18.0.0 - Exe Format
"CVE": ["CVE-2023-38552", "CVE-2023-32559", "CVE-2023-32006", "CVE-2023-32002", "CVE-2023-30590", "CVE-2023-30589", "CVE-2023-30588", "CVE-2023-30585", "CVE-2023-30581", "CVE-2023-23920", "CVE-2023-23919", "CVE-2023-23918", "CVE-2022-43548", "CVE-2022-35256", "CVE-2022-35255", "CVE-2022-32223", "CVE-2022-32222", "CVE-2022-32215", "CVE-2022-32214", "CVE-2022-32213", "CVE-2022-32212", "CVE-2022-3786", "CVE-2022-3602"],
ubuntu:
Used Package Grafana 9.1.1 - .deb Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Mysql 5.5.19 - .deb Format
CVE: ["CVE-2023-22026", "CVE-2023-22015", "CVE-2023-22007", "CVE-2023-21980", "CVE-2023-21977", "CVE-2022-21444", "CVE-2022-21417", "CVE-2021-22570", "CVE-2023-22007", "CVE-2023-22028", "CVE-2021-2356", "CVE-2022-21417", "CVE-2022-21444", "CVE-2023-21980", "CVE-2023-21977"]
centos:
Used Package Grafana 9.1.1 - .rpm Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Openjdk 1.7.0" - .rpm Format
CVE: ["CVE-2023-21967", "CVE-2023-21954", "CVE-2023-21939", "CVE-2023-21938", "CVE-2023-21937", "CVE-2023-21930", "CVE-2014-8873", "CVE-2014-2483", "CVE-2014-1876", "CVE-2013-2461", "CVE-2012-5373", "CVE-2012-2739"]
preconditions: null
body:
tasks:
Expand All @@ -173,25 +164,21 @@
package:
from:
centos:
amd64: grafana-8.5.6
arm64v8: grafana-8.5.6
amd64: openjdk-1.6.0"
ubuntu:
amd64: grafana-8.5.6
arm64v8: grafana-8.5.6
amd64: mysql-5.5.18
windows:
amd64: vlc-3.0.7
amd64: node-v17.1.0
macos:
amd64: node-v17.1.0
arm64v8: node-v17.1.0
to:
centos:
amd64: grafana-9.1.1
arm64v8: grafana-9.1.1
amd64: openjdk-1.7.0"
ubuntu:
amd64: grafana-9.1.1
arm64v8: grafana-9.1.1
amd64: mysql-5.5.19
windows:
amd64: vlc-3.0.7.1
amd64: node-v18.0.0
macos:
amd64: node-v18.11.0
arm64v8: node-v18.11.0
Expand All @@ -206,14 +193,14 @@
Used Package: Node 18.12.0 - PKG Format
"CVE": ["CVE-2023-44487", "CVE-2023-38552", "CVE-2023-32002", "CVE-2023-30590", "CVE-2023-30588", "CVE-2023-30585", "CVE-2023-23936", "CVE-2023-23920", "CVE-2023-23919", "CVE-2023-23918", "CVE-2022-43548", "CVE-2022-3786", "CVE-2022-3602"],
windows:
Used Package: VLC 3.0.11 - Exe Format
"CVE": ["CVE-2022-21824", "CVE-2022-0778", "CVE-2021-44533", "CVE-2021-44532", "CVE-2021-44531", "CVE-2021-4044"],
Used Package: Node 18.1.0 - Exe Format
"CVE": ["CVE-2023-38552", "CVE-2023-32559", "CVE-2023-32006", "CVE-2023-32002", "CVE-2023-30590", "CVE-2023-30588", "CVE-2023-30585", "CVE-2023-30581", "CVE-2023-23920", "CVE-2023-23919", "CVE-2023-23918", "CVE-2022-43548", "CVE-2022-35256", "CVE-2022-35255", "CVE-2022-32222", "CVE-2022-32215", "CVE-2022-32214", "CVE-2022-32213", "CVE-2022-32212", "CVE-2022-3786", "CVE-2022-3602"],
ubuntu:
Used Package Grafana 9.2.0 - .deb Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Mysql 5.5.19 - .deb Format
CVE: ["CVE-2023-22026", "CVE-2023-22015", "CVE-2023-22007", "CVE-2023-21980", "CVE-2023-21977", "CVE-2022-21444", "CVE-2022-21417", "CVE-2021-22570", "CVE-2023-22007", "CVE-2023-22028", "CVE-2021-2356", "CVE-2022-21417", "CVE-2022-21444", "CVE-2023-21980", "CVE-2023-21977"]
centos:
Used Package Grafana 9.2.0 - .rpm Format
CVE: ["CVE-2023-2183", "CVE-2023-1410", "CVE-2023-0594", "CVE-2023-0507", "CVE-2022-39324", "CVE-2022-39307", "CVE-2022-39306", "CVE-2022-39229", "CVE-2022-39201", "CVE-2022-36062", "CVE-2022-35957", "CVE-2022-31130", "CVE-2022-31123", "CVE-2022-31107", "CVE-2022-31097", "CVE-2022-23552", "CVE-2022-23498"]
Used Package Openjdk 1.8.0 - .rpm Format
CVE: ["CVE-2023-21967", "CVE-2023-21954", "CVE-2023-21939", "CVE-2023-21938", "CVE-2023-21937", "CVE-2023-21930", "CVE-2021-20264", "CVE-2014-1876", "CVE-2012-2739"]
preconditions: null
body:
tasks:
Expand All @@ -225,25 +212,21 @@
package:
from:
centos:
amd64: grafana-9.1.1
arm64v8: grafana-9.1.1
amd64: openjdk-1.7.0
ubuntu:
amd64: grafana-9.1.1
arm64v8: grafana-9.1.1
amd64: mysql-5.5.18
windows:
amd64: vlc-3.0.7.1
amd64: node-v18.0.0
macos:
amd64: node-v18.11.0
arm64v8: node-v18.11.0
to:
centos:
amd64: grafana-9.2.0
arm64v8: grafana-9.2.0
amd64: openjdk-1.8.0
ubuntu:
amd64: grafana-9.2.0
arm64v8: grafana-9.2.0
amd64: mysql-5.5.19
windows:
amd64: vlc-3.0.11
amd64: node-v18.1.0
macos:
amd64: node-v18.12.0
arm64v8: node-v18.12.0
Expand All @@ -256,7 +239,7 @@
Used Package: Node 19.5.0 - PKG Format
"CVE": [],
windows:
Used Package: VLC 3.0.11 - Exe Format
Used Package: Node 19.5.0 - Exe Format
"CVE": [],
ubuntu:
Used Package Grafana 9.4.17 - .deb Format
Expand All @@ -281,7 +264,7 @@
amd64: grafana-9.2.0
arm64v8: grafana-9.2.0
windows:
amd64: vlc-3.0.11
amd64: node-v18.1.0
macos:
amd64: node-v18.12.0
arm64v8: node-v18.12.0
Expand All @@ -293,7 +276,7 @@
arm64v8: grafana-9.4.17
amd64: grafana-9.4.17
windows:
amd64: vlc-3.0.20
amd64: node-v19.5.0
macos:
amd64: node-v19.5.0
arm64v8: node-v19.5.0
Expand Down Expand Up @@ -340,7 +323,7 @@
arm64v8: grafana-9.4.17
amd64: grafana-9.4.17
windows:
amd64: vlc-3.0.20
amd64: node-v19.5.0
macos:
amd64: node-v19.5.0
arm64v8: node-v19.5.0
Expand All @@ -365,8 +348,8 @@
Used Package: Node 20.0.0 - PKG Format
"CVE": ["CVE-2023-44487", "CVE-2023-39332", "CVE-2023-39331", "CVE-2023-38552", "CVE-2023-32559", "CVE-2023-32558", "CVE-2023-32006", "CVE-2023-32005", "CVE-2023-32004", "CVE-2023-32003", "CVE-2023-32002", "CVE-2023-30590", "CVE-2023-30588", "CVE-2023-30586", "CVE-2023-30585", "CVE-2023-30581"],
windows:
Used Package: Node 20.0.0 - Exe Format
"CVE": ["CVE-2023-44487", "CVE-2023-39332", "CVE-2023-39331", "CVE-2023-38552", "CVE-2023-32559", "CVE-2023-32558", "CVE-2023-32006", "CVE-2023-32005", "CVE-2023-32004", "CVE-2023-32003", "CVE-2023-32002", "CVE-2023-30590", "CVE-2023-30588", "CVE-2023-30586", "CVE-2023-30585", "CVE-2023-30581"],
Used Package: Node 20.5.1 - Exe Format
"CVE": ["CVE-2023-44487", "CVE-2023-39332", "CVE-2023-39331", "CVE-2023-38552"],
ubuntu:
Used Package Grafana 9.5.13 - .deb Format
CVE: ["CVE-2023-4822", "CVE-2023-4399"],
Expand All @@ -389,7 +372,7 @@
ubuntu:
amd64: grafana-8.5.5
windows:
amd64: vlc-3.0.6
amd64: node-v19.6.0
macos:
amd64: node-v19.6.0
arm64v8: node-v19.6.0
Expand All @@ -400,7 +383,7 @@
ubuntu:
amd64: grafana-8.5.5
windows:
amd64: vlc-3.0.6
amd64: node-v20.5.1
macos:
amd64: node-v20.0.0
arm64v8: node-v20.0.0
Expand Down Expand Up @@ -437,7 +420,7 @@
amd64: grafana-9.5.13
arm64v8: grafana-9.5.13
windows:
amd64: node-v19.6.0
amd64: node-v19.5.0
macos:
amd64: node-v19.6.0
arm64v8: node-v19.6.0
Expand Down Expand Up @@ -472,7 +455,7 @@
amd64: grafana-9.5.13
arm64v8: grafana-9.5.13
windows:
amd64: node-v19.6.0
amd64: node-v19.5.0
macos:
amd64: node-v19.6.0
arm64v8: node-v19.6.0
Expand Down

0 comments on commit bfa9004

Please sign in to comment.