diff --git a/cve-vulner-manager/controllers/cve.go b/cve-vulner-manager/controllers/cve.go index 01e5cd4638e716328ab992db14f11821b57b4e13..361d658bce90b97d21d7d2cbfc1209ecc402c6e8 100644 --- a/cve-vulner-manager/controllers/cve.go +++ b/cve-vulner-manager/controllers/cve.go @@ -119,10 +119,10 @@ func (u *CveIssueInfoController) Post() { logs.Info("updates cve issue :", req) for _, c := range req { - cve := models.VulnCenter{CveNum: c.CveId, RepoName: c.PackageName} - err = models.GetVulnCenterByCid(&cve, "CveNum", "RepoName") + cve := models.VulnCenter{CveNum: c.CveId, RepoName: c.PackageName, OrganizationID: 1} + err = models.GetVulnCenterByCid(&cve, "CveNum", "RepoName", "OrganizationID") if err != nil { - logs.Error(err) + logs.Error("get vulCenter failed:", err) continue } diff --git a/cve-vulner-manager/controllers/file.go b/cve-vulner-manager/controllers/file.go index 2e197c04be87f1879dd95501baa526afe0f8cb66..e05da7f3616e74edb4aed587bd34bcb2aaeb0ee3 100644 --- a/cve-vulner-manager/controllers/file.go +++ b/cve-vulner-manager/controllers/file.go @@ -148,7 +148,7 @@ func (f *FileController) TriggerCveData() { cves = strings.Split(cveNums, ",") } //cve pull_request freeze time changed to a month ago - startTime = common.TimeStrSub(startTime, -365) + startTime = common.TimeStrSub(startTime, -180) unaffectYear, yerr := beego.AppConfig.Int("excel::unaffect_year") if yerr != nil { unaffectYear = 2018 diff --git a/cve-vulner-manager/controllers/hook.go b/cve-vulner-manager/controllers/hook.go index 8db58d09fa6b794abce918e89ed7d8b275aa2726..e71bdd40339f825165c9f6a447b993f1fa2c3297 100644 --- a/cve-vulner-manager/controllers/hook.go +++ b/cve-vulner-manager/controllers/hook.go @@ -2991,6 +2991,8 @@ func saveVectorData(vct string, cveID int64) error { score.Oavailability = av upFields = append(upFields, "o_availability") } + score.ScoreType = "v2" + upFields = append(upFields, "score_type") } else { //update v3 vector avv := util.ReadVMValue(vMap["AV"]) @@ -3033,6 +3035,8 @@ func saveVectorData(vct string, cveID int64) error { score.Oavailability = av upFields = append(upFields, "o_availability") } + score.ScoreType = "v3" + upFields = append(upFields, "score_type") } if len(upFields) > 0 { //Perform update diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index 00c63507eb988d420370d0ffb1ce129f76d47506..a582e64dbfcda657d87dcda1e9a5f7446e104c2b 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -2594,9 +2594,15 @@ func FilterCveExported() { go func(center models.VulnCenter) { ewg.Add(1) defer ewg.Done() - issueExist, _ := GetCveSecurityNotice(center.CveNum, center.PackName, true) + issueExist, result := GetCveSecurityNotice(center.CveNum, center.PackName, true) if issueExist { - if productExist, _ := GetCveProduct(center.CveNum, center.PackName); productExist { + // 1640966400 -- 2022-01-01 + if t := util.TimeStrToInt(result.Result.UpdateTime, ""); t != 0 && t <= 1640966400 { + dbLock.Lock() + center.IsExport = 1 + models.UpdateVulnCenter(¢er, "is_export") + dbLock.Unlock() + } else if productExist, _ := GetCveProduct(center.CveNum, center.PackName); productExist { dbLock.Lock() center.IsExport = 1 models.UpdateVulnCenter(¢er, "is_export") diff --git a/cve-vulner-manager/taskhandler/cvrf.go b/cve-vulner-manager/taskhandler/cvrf.go index 7a6df04da8a9b7e10d7298008ba931c8f433a0a3..04e65a50fb8651c96e0bd5942184d420e1c331ef 100644 --- a/cve-vulner-manager/taskhandler/cvrf.go +++ b/cve-vulner-manager/taskhandler/cvrf.go @@ -504,13 +504,8 @@ func BuildUnaffVulnerability(vlLenth int, v models.ExcelExport, vulnerability.ProductStatuses = &productStatuses var cVSSScoreSets CVSSScoreSets var scoreSet ScoreSet - if v.OpenEulerScore != 0.0 { - scoreSet.BaseScore = fmt.Sprintf("%.1f", v.OpenEulerScore) - scoreSet.Vector = v.OvectorVule - } else { - scoreSet.BaseScore = fmt.Sprintf("%.1f", v.NVDScore) - scoreSet.Vector = v.NvectorVule - } + scoreSet.BaseScore = fmt.Sprintf("%.1f", v.OpenEulerScore) + scoreSet.Vector = v.OvectorVule cVSSScoreSets.ScoreSet = &scoreSet vulnerability.CvssScoreSets = &cVSSScoreSets var remediations UnRemediations