DefectDojo · mtesauro · Nov 11, 2024 · Nov 7, 2024 · Nov 7, 2024
diff --git a/dojo/tools/checkmarx/parser.py b/dojo/tools/checkmarx/parser.py
@@ -368,7 +368,7 @@ def _parse_date(self, value):
         if isinstance(value, str):
             return parser.parse(value).date()
         if isinstance(value, dict) and isinstance(value.get("seconds"), int):
-            return datetime.datetime.utcfromtimestamp(value.get("seconds")).date()
+            return datetime.datetime.fromtimestamp(value.get("seconds"), datetime.UTC).date()
         return None
 
     def _get_findings_json(self, file, test):

diff --git a/dojo/tools/checkmarx_one/parser.py b/dojo/tools/checkmarx_one/parser.py
@@ -22,7 +22,7 @@ def _parse_date(self, value):
         if isinstance(value, str):
             return parser.parse(value)
         if isinstance(value, dict) and isinstance(value.get("seconds"), int):
-            return datetime.datetime.utcfromtimestamp(value.get("seconds"))
+            return datetime.datetime.fromtimestamp(value.get("seconds"), datetime.UTC)
         return None
 
     def _parse_cwe(self, cwe):

diff --git a/dojo/tools/contrast/parser.py b/dojo/tools/contrast/parser.py
@@ -41,9 +41,7 @@ def get_findings(self, filename, test):
             severity = row.get("Severity")
             if severity == "Note":
                 severity = "Info"
-            date_raw = datetime.datetime.utcfromtimestamp(
-                int(row.get("First Seen")) / 1000,
-            )
+            date_raw = datetime.datetime.fromtimestamp(int(row.get("First Seen")) / 1000, datetime.UTC)
             finding = Finding(
                 title=title.split(" from")[0],
                 date=date_raw,

diff --git a/dojo/tools/wpscan/parser.py b/dojo/tools/wpscan/parser.py
@@ -1,6 +1,6 @@
+import datetime
 import hashlib
 import json
-from datetime import datetime
 
 from dojo.models import Endpoint, Finding
 
@@ -89,7 +89,7 @@ def get_findings(self, file, test):
 
         report_date = None
         if "start_time" in tree:
-            report_date = datetime.utcfromtimestamp(tree.get("start_time"))
+            report_date = datetime.datetime.fromtimestamp(tree.get("start_time"), datetime.UTC)
 
         dupes = {}
         # manage plugin findings

diff --git a/unittests/tools/test_wpscan_parser.py b/unittests/tools/test_wpscan_parser.py
@@ -26,7 +26,7 @@ def test_parse_file_exemple(self):
             self.assertIsNone(finding.unique_id_from_tool)  # interesting findings are not vlunerability
             self.assertEqual("Info", finding.severity)  # it is not a vulnerability so severity should be 'Info'
             self.assertEqual("Interesting finding: Headers", finding.title)
-            self.assertEqual(datetime.datetime(2021, 3, 26, 11, 50, 50), finding.date)
+            self.assertEqual(datetime.datetime(2021, 3, 26, 11, 50, 50, tzinfo=datetime.UTC), finding.date)
 
     def test_parse_file_with_no_vuln_has_no_findings(self):
         with open("unittests/scans/wpscan/wordpress_no_vuln.json", encoding="utf-8") as testfile:
@@ -49,7 +49,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self):
             self.assertEqual("8873", finding.unique_id_from_tool)
             self.assertNotEqual("Info", finding.severity)  # it is a vulnerability so not 'Info'
             self.assertEqual("YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)", finding.title)
-            self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16), finding.date)
+            self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16, tzinfo=datetime.UTC), finding.date)
 
     def test_parse_file_with_multiple_vuln_has_multiple_finding(self):
         with open("unittests/scans/wpscan/wordpress_many_vuln.json", encoding="utf-8") as testfile:
@@ -63,7 +63,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding(self):
             self.assertEqual("8873", finding.unique_id_from_tool)
             self.assertNotEqual("Info", finding.severity)  # it is a vulnerability so not 'Info'
             self.assertEqual("YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)", finding.title)
-            self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16), finding.date)
+            self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16, tzinfo=datetime.UTC), finding.date)
 
     def test_parse_file_with_multiple_vuln(self):
         with open("unittests/scans/wpscan/wpscan.json", encoding="utf-8") as testfile:
@@ -81,15 +81,15 @@ def test_parse_file_with_multiple_vuln(self):
                 self.assertEqual("Contact Form 7 < 5.3.2 - Unrestricted File Upload", finding.title)
                 self.assertEqual(1, len(finding.unsaved_vulnerability_ids))
                 self.assertEqual("CVE-2020-35489", finding.unsaved_vulnerability_ids[0])
-                self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6), finding.date)
+                self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6, tzinfo=datetime.UTC), finding.date)
                 self.assertEqual("", finding.get_scanner_confidence_text())  # data are => 100%
 
             with self.subTest(i=4):
                 finding = findings[4]
                 self.assertIsNone(finding.unique_id_from_tool)  # interesting findings are not vlunerability
                 self.assertEqual("Info", finding.severity)  # it is not a vulnerability so severity should be 'Info'
                 self.assertEqual("Interesting finding: WordPress readme found: http://example/readme.html", finding.title)
-                self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6), finding.date)
+                self.assertEqual(datetime.datetime(2021, 3, 17, 12, 21, 6, tzinfo=datetime.UTC), finding.date)
                 self.assertEqual("", finding.get_scanner_confidence_text())  # data are => "confidence": 100,
 
     def test_parse_file_with_multiple_vuln_in_version(self):