Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(rhel): improved handling CVSS V3 parsing #404

Merged
merged 1 commit into from
Nov 24, 2023
Merged

chore(rhel): improved handling CVSS V3 parsing #404

merged 1 commit into from
Nov 24, 2023

Conversation

westonsteimel
Copy link
Contributor

@westonsteimel westonsteimel commented Nov 23, 2023
edited
Loading

Prior to this change, every single record without a CVSS V3 score will emit a ValueError on info log level.

File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 815, in __init__
2023-11-23T01:31:16.9105321Z [0073]  INFO rhel: raise ValueError("vector_string and base_score must be valid")
2023-11-23T01:31:16.9106520Z [0073]  INFO rhel: ValueError: vector_string and base_score must be valid
2023-11-23T01:31:16.9261917Z [0073]  INFO rhel: �[0munable to make cvss3, defaulting to None�[0m
2023-11-23T01:31:16.9262912Z [0073]  INFO rhel: Traceback (most recent call last):
2023-11-23T01:31:16.9264548Z [0073]  INFO rhel: File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 682, in _parse_cve
2023-11-23T01:31:16.9265594Z [0073]  INFO rhel: cvssv3_obj = RHELCVSS3(
2023-11-23T01:31:16.9266231Z [0073]  INFO rhel: ^^^^^^^^^^
2023-11-23T01:31:16.9267088Z [0073]  INFO rhel: File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 815, in __init__
2023-11-23T01:31:16.9268284Z [0073]  INFO rhel: raise ValueError("vector_string and base_score must be valid")
2023-11-23T01:31:16.9269201Z [0073]  INFO rhel: ValueError: vector_string and base_score must be valid
2023-11-23T01:31:16.9472820Z [0073]  INFO rhel: �[0munable to make cvss3, defaulting to None�[0m
2023-11-23T01:31:16.9473446Z [0073]  INFO rhel: Traceback (most recent call last):
2023-11-23T01:31:16.9475359Z [0073]  INFO rhel: File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 682, in _parse_cve
2023-11-23T01:31:16.9476804Z [0073]  INFO rhel: cvssv3_obj = RHELCVSS3(
2023-11-23T01:31:16.9477500Z [0073]  INFO rhel: ^^^^^^^^^^
2023-11-23T01:31:16.9478471Z [0073]  INFO rhel: File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 815, in __init__
2023-11-23T01:31:16.9480052Z [0073]  INFO rhel: raise ValueError("vector_string and base_score must be valid")
2023-11-23T01:31:16.9481332Z [0073]  INFO rhel: ValueError: vector_string and base_score must be valid
2023-11-23T01:31:16.9490571Z [0073]  INFO rhel: �[0munable to make cvss3, defaulting to None�[0m
2023-11-23T01:31:16.9491533Z [0073]  INFO rhel: Traceback (most recent call last):
2023-11-23T01:31:16.9492823Z [0073]  INFO rhel: File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 682, in _parse_cve
2023-11-23T01:31:16.9493975Z [0073]  INFO rhel: cvssv3_obj = RHELCVSS3(
2023-11-23T01:31:16.9494599Z [0073]  INFO rhel: ^^^^^^^^^^
2023-11-23T01:31:16.9496110Z [0073]  INFO rhel: File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 815, in __init__
2023-11-23T01:31:16.9497574Z [0073]  INFO rhel: raise ValueError("vector_string and base_score must be valid")
2023-11-23T01:31:16.9498724Z [0073]  INFO rhel: ValueError: vector_string and base_score must be valid
2023-11-23T01:31:16.9515888Z [0073]  INFO rhel: �[0munable to make cvss3, defaulting to None�[0m
2023-11-23T01:31:16.9517075Z [0073]  INFO rhel: Traceback (most recent call last):
2023-11-23T01:31:16.9518577Z [0073]  INFO rhel: File "/usr/local/lib/python3.11/site-packages/vunnel/providers/rhel/parser.py", line 682, in _parse_cve
2023-11-23T01:31:16.9520282Z [0073]  INFO rhel: cvssv3_obj = RHELCVSS3(

This refactors so that parsing errors will only be logged when there is some unexpected exception encountered when constructing the RHELCVSS3 object.

@westonsteimel westonsteimel added the run-pr-quality-gate Triggers running of quality gate on PRs label Nov 23, 2023
@westonsteimel
chore(rhel): improved handling CVSS V3 parsing
75f9efa 
Prior to this change, every single record without a CVSS V3 score will
emit a ValueError on info log level.  This refactors so that parsing
errors will only be logged when there is some unexpected exception
encountered when constructing the `RHELCVSS3` object.

Signed-off-by: Weston Steimel <[email protected]>
@westonsteimel westonsteimel force-pushed the better-rhel-cvss-parse-handling branch from c3eea39 to 75f9efa Compare November 23, 2023 14:21
@westonsteimel westonsteimel marked this pull request as ready for review November 23, 2023 14:48
@westonsteimel westonsteimel requested a review from a team November 23, 2023 14:48
@westonsteimel westonsteimel merged commit 0952521 into main Nov 24, 2023
10 checks passed
@westonsteimel westonsteimel deleted the better-rhel-cvss-parse-handling branch November 24, 2023 11:22
@westonsteimel westonsteimel added enhancement New feature or request and removed enhancement New feature or request run-pr-quality-gate Triggers running of quality gate on PRs labels Nov 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willmurphyscode willmurphyscode willmurphyscode approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@westonsteimel @willmurphyscode