Merge pull request #3009 from CVEProject/test

update Test with main

package.json

@@ -34,6 +34,7 @@
  "devDependencies": {
  "@rushstack/eslint-patch": "^1.3.3",
  "@tsconfig/node18": "^18.2.2",
+ "@types/lodash": "^4.17.7",
  "@types/node": "^18.19.3",
  "@vitejs/plugin-vue": "^4.5.2",
  "@vitejs/plugin-vue-jsx": "^3.1.0",

src/assets/style/cveRecord.scss

@@ -3,6 +3,7 @@
 .level-item {
  @include touch {
  justify-content: left !important;
+ margin-bottom: 0.25rem !important;
  }
 }
 

src/components/CveRecordReferences.vue

@@ -0,0 +1,35 @@
+<template>
+ <div id="cve-program-references" v-if="references.length > 0"
+ class="mt-5"
+ style="word-break:break-all;"
+ >
+ <h4 class="title mb-0">References</h4>
+ <ul>
+ <li v-for="(reference, index) in references" :key="`link-${index}`" class="cve-word-wrap">
+ <span class="icon-text">
+ <a :href="reference.url" target="_blank">
+ {{ (typeof reference.name !== 'undefined' && reference.name.length > 0) ? `${reference.hostname}: ${reference.name}` : reference.url }}
+ <span class="icon cve-icon-xxs">
+ <p id="enewsletter" class="is-hidden">external site</p>
+ <font-awesome-icon icon="external-link-alt" aria-labelledby="enewsletter"></font-awesome-icon>
+ </span>
+ </a>
+ </span>
+ <span v-for="tag in reference.tags" :key="tag">
+ <span class="tag ml-2" v-if="tag.length > 0">{{tag}}</span>
+ </span>
+ </li>
+ </ul>
+ </div>
+</template>
+
+<script>
+export default {
+ props: {
+ references: {
+ type: Object,
+ required: true,
+ }
+ }
+}
+</script>

src/components/ProductStatus.vue

@@ -135,7 +135,7 @@ export default {
 </script>
 
 <style lang="scss">
- @import '../assets/style/globals.scss'; 
+ @import '@/assets/style/globals.scss'; 
 </style>
 
 <!-- Add "scoped" attribute to limit CSS to this component only -->

src/main.ts

@@ -18,17 +18,17 @@ import {
  faXTwitter, faGithub, faLinkedin, faYoutube, faMedium, faLeanpub, faReadme, faMastodon,
 } from '@fortawesome/free-brands-svg-icons';
 import {
- faAngleLeft, faAngleRight, faArrowRight, faBlog, faCaretDown, faCaretUp, faInfoCircle, faCheckCircle, faExclamationCircle, faFilePdf,
+ faAngleLeft, faAngleRight, faArrowRight, faBlog, faBook, faCaretDown, faCaretUp, faInfoCircle, faCheckCircle, faExclamationCircle, faFileCode,
  faTriangleExclamation, faUpRightFromSquare, faLink, faMinus, faPassport, faPlus, faPodcast, faIdCard, faSearch, faHandshake, faUsersCog,
  faLaptopCode, faPoll, faTimes, faToolbox, faSitemap, faUser, faUserShield, faBullhorn, faWindowMaximize,
 } from '@fortawesome/free-solid-svg-icons';
 import { faArrowAltCircleRight, faClipboard, faNewspaper } from '@fortawesome/free-regular-svg-icons';
 import { FontAwesomeIcon } from '@fortawesome/vue-fontawesome';
 
-library.add(faAngleLeft, faAngleRight, faArrowRight, faBlog, faCaretDown, faCaretUp, faInfoCircle, faCheckCircle, faExclamationCircle, faFilePdf,
- faTriangleExclamation, faUpRightFromSquare, faLink, faMinus, faPassport, faPlus, faPodcast, faIdCard, faSearch, faHandshake, faUsersCog,
- faLaptopCode, faTimes, faToolbox, faSitemap, faUser, faUserShield, faXTwitter, faGithub, faLinkedin, faYoutube, faMedium, faLeanpub,
- faArrowAltCircleRight, faClipboard, faNewspaper, faBullhorn, faWindowMaximize, faReadme, faPoll, faMastodon);
+library.add(faAngleLeft, faAngleRight, faArrowRight, faBlog, faBook, faCaretDown, faCaretUp, faInfoCircle, faCheckCircle, faExclamationCircle, faFileCode,
+ faTriangleExclamation, faUpRightFromSquare, faLink, faMinus, faPassport, faPlus, faPodcast, faIdCard, faSearch, faHandshake, faUsersCog, faLaptopCode,
+ faTimes, faToolbox, faSitemap, faUser, faUserShield, faXTwitter, faGithub, faLinkedin, faYoutube, faMedium, faLeanpub, faArrowAltCircleRight,
+ faClipboard, faNewspaper, faBullhorn, faWindowMaximize, faReadme, faPoll, faMastodon);
 
 
 const app = createApp(App);

src/stores/cveRecordLookup.ts

@@ -1,4 +1,5 @@
-import { defineStore } from 'pinia'
+import { defineStore } from 'pinia';
+import _ from 'lodash';
 
 
 export const useCveRecordLookupStore = defineStore('cveRecordLookup', {
@@ -16,8 +17,50 @@ export const useCveRecordLookupStore = defineStore('cveRecordLookup', {
  serverError: false,
  showHelpText: false,
  showJsonRecord: false,
- hasOnlyCisaAdpInfo: false,
- emptyProductStatus: {}
+ hasAdpInfo: false,
+ emptyProductStatus: {},
+ accordianState: {
+ collapseAll: true,
+ },
+ onPageMenuItems: {
+ submenu: {}
+ },
+ orgIdAndLongNameMap: {},
+ cveProgramShortName: 'cve'
  }
+ },
+ actions: {
+ getReferences(references: Array<any>) {
+ const value = references;
+ const filteredReferences: Array<object> = [];
+
+ if (this.hasData(value)) {
+ const regex = /^x_refsource/;
+
+ value.forEach((reference: {tags: Array<string>, hostname: string, name: string, url: string }) => {
+
+ const filteredTags: Array<string> = [];
+
+ if (reference?.tags) {
+ reference.tags.forEach((tag: string) => {
+ if (!regex.test(tag)) filteredTags.push(tag);
+ });
+ }
+ const newReference: {tags: Array<string>, hostname: string, name: string, url: string } = _.cloneDeep(reference);
+ newReference.tags = filteredTags;
+ if (newReference?.name && newReference.name.length > 0) newReference.hostname = (new URL(newReference.url)).hostname.replace('www.', '');
+ filteredReferences.push(newReference);
+ });
+ }
+
+ return filteredReferences;
+ },
+ hasData(value: Array<object>) {
+ if (typeof value !== 'undefined' && value.length > 0) {
+ return true;
+ }
+
+ return false;
+ },
  }
 });

src/views/CVERecord/CVERecord.vue

@@ -1,63 +1,77 @@
 <template>
  <div id="cve-secondary-page-main-container">
- <div class="columns is-centered">
- <div class="column is-8-desktop cve-main-column-content-width">
- <main id="cve-main-page-content" role="main">
- <div class="content">
- <div class="cve-loading-message has-text-centered" v-if="useCveRecordLookupStore.isSearching">
- <span class="icon-text">
- <span class="icon">
- <span class="loader is-loading"/>
+ <div v-if="useCveRecordLookupStore.isSearching">
+ <div class="columns">
+ <div class="column is-2 is-hidden-touch"></div>
+ <div class="column is-full-mobile is-full-tablet is-7-desktop">
+ <main id="cve-main-page-content">
+ <div class="content">
+ <div class="cve-loading-message has-text-centered">
+ <span class="icon-text">
+ <span class="icon">
+ <span class="loader is-loading"/>
+ </span>
+ <span>Please wait. Loading...</span>
  </span>
- <span>Please wait. Loading...</span>
- </span>
- </div>
- <div v-else>
- <div v-if="useCveRecordLookupStore.isIdOrRecordFound">
- <PublishedRecord :NVDBaseUrl="NVDBaseUrl" v-if="useCveRecordLookupStore.isPublished"/>
- <RejectedRecordOrId :NVDBaseUrl="NVDBaseUrl" v-if="useCveRecordLookupStore.isRejected"/>
- <ReservedId v-if="useCveRecordLookupStore.isReserved"/>
  </div>
- <p v-if="useCveRecordLookupStore.showHelpText" class="has-text-centered">
- Please use the search box above to find a CVE record by ID.
- </p>
- <div v-if="useCveRecordLookupStore.serverError" class="has-text-centered">
- <h1 class="title is-4">Service is currently unavailable.</h1>
- <p style="text-align: center;">Please
- <span class="icon-text">
- <a href="https://cveform.mitre.org/" target="_blank">report the issue
+ </div>
+ </main>
+ </div>
+ </div>
+ </div>
+ <div v-else>
+ <div v-if="useCveRecordLookupStore.isIdOrRecordFound">
+ <PublishedRecord v-if="useCveRecordLookupStore.isPublished"/>
+ <RejectedRecordOrId v-if="useCveRecordLookupStore.isRejected"/>
+ <ReservedId v-if="useCveRecordLookupStore.isReserved"/>
+ </div>
+ <div v-else class="columns">
+ <div class="column is-2 is-hidden-touch"></div>
+ <div class="column is-full-mobile is-full-tablet is-7-desktop">
+ <main id="cve-main-page-content">
+ <div class="content">
+ <div>
+ <p v-if="useCveRecordLookupStore.showHelpText" class="has-text-centered">
+ Please use the search box above to find a CVE record by ID.
+ </p>
+ <div v-else-if="useCveRecordLookupStore.serverError" class="has-text-centered">
+ <h1 class="title is-4">Service is currently unavailable.</h1>
+ <p style="text-align: center;">Please
+ <span class="icon-text">
+ <a href="https://cveform.mitre.org/" target="_blank">report the issue
+ <span class="icon is-size-7 cve-icon-xxs">
+ <p id="extenalLink1" class="is-hidden">external site</p>
+ <font-awesome-icon icon="external-link-alt" aria-labelledby="extenalLink1" aria-hidden="false" focusable="false"/>
+ </span>
+ </a>
+ </span>
+ and try again later.<br/>Or, use
+ <a href="https://cve.mitre.org/cve/search_cve_list.html" target="_blank">Search CVE List on cve.mitre.org
  <span class="icon is-size-7 cve-icon-xxs">
  <p id="extenalLink1" class="is-hidden">external site</p>
  <font-awesome-icon icon="external-link-alt" aria-labelledby="extenalLink1" aria-hidden="false" focusable="false"/>
  </span>
  </a>
- </span>
- and try again later.<br/>Or, use
- <a href="https://cve.mitre.org/cve/search_cve_list.html" target="_blank">Search CVE List on cve.mitre.org
- <span class="icon is-size-7 cve-icon-xxs">
- <p id="extenalLink1" class="is-hidden">external site</p>
- <font-awesome-icon icon="external-link-alt" aria-labelledby="extenalLink1" aria-hidden="false" focusable="false"/>
+ to search CVE Records. Sorry for the inconvenience.
+ </p>
+ </div>
+ <div v-else-if="!useCveRecordLookupStore.isIdOrRecordFound" class="has-text-centered">
+ <h1 class="title is-3 is-4 mb-2">{{useCveRecordLookupStore.cveId}} not found.</h1>
+ <span class="icon-text">
+ <a href="https://cve.mitre.org/cve/search_cve_list.html" target="_blank">
+ Find CVE Record by Keyword
+ <span class="icon cve-icon-xxs" style="margin-left: 0px;">
+ <p id="CVERecordsKeywordSearch" class="is-hidden">external site</p>
+ <font-awesome-icon icon="external-link-alt" aria-labelledby="CVERecordsKeywordSearch">
+ </font-awesome-icon>
  </span>
- </a>
- to search CVE Records. Sorry for the inconvenience.
- </p>
- </div>
- <div v-if="!useCveRecordLookupStore.isIdOrRecordFound" class="has-text-centered">
- <h1 class="title is-3 is-4 mb-2">{{useCveRecordLookupStore.cveId}} not found.</h1>
- <span class="icon-text">
- <a href="https://cve.mitre.org/cve/search_cve_list.html" target="_blank">
- Find CVE Record by Keyword
- <span class="icon cve-icon-xxs" style="margin-left: 0px;">
- <p id="CVERecordsKeywordSearch" class="is-hidden">external site</p>
- <font-awesome-icon icon="external-link-alt" aria-labelledby="CVERecordsKeywordSearch">
- </font-awesome-icon>
+ </a>
  </span>
- </a>
- </span>
+ </div>
  </div>
  </div>
- </div>
- </main>
+ </main>
+ </div>
  </div>
  </div>
  </div>
@@ -77,7 +91,6 @@ export default {
  },
  data() {
  return {
- NVDBaseUrl: 'https://nvd.nist.gov/view/vuln/detail?vulnId=',
  useCveRecordLookupStore: useCveRecordLookupStore()
  };
  },

src/views/CVERecord/CveRecordUserGuide.vue

@@ -14,6 +14,33 @@
  page. Learn more about the CVE Record Format
  <router-link to='/AllResources/CveServices#CveRecordFormat'>here</router-link>.
  </p>
+ <div id="cve-data-enrichment-notification">
+ <p>
+ <router-link to="/ResourcesSupport/Glossary?activeTerm=glossaryRecord">CVE Records</router-link> may now provide datafrom three different
+ sources to enrich vulnerability information available to the public:
+ <ul>
+ <li>
+ <router-link to="/ProgramOrganization/CNAs">CVE Numbering Authority (CNA)</router-link>:
+ Selected enriched information provided by the CNA is found under the “CNA” tab.
+ </li>
+ <li>
+ <span class="has-text-weight-bold">CVE Program Container:</span> Additional references that are added by the CVE Program are
+ found in the CVE Program Container. Refer to this
+ <router-link to="/Media/News/item/blog/2024/07/26/CVE-Records-Add-New-CVE-Program-Container">blog</router-link> for a full
+ explanation of this enriched data.
+ </li>
+ <li>
+ <router-link to="/ProgramOrganization/ADPs">Authorized Data Publisher (ADP)</router-link>:
+ Selected enriched information provided by one or more ADPs is provided under the “ADP” tab.
+ If there is no ADP-enriched information, no ADP tab will be present.
+ </li>
+ </ul>
+ </p>
+ <p>
+ Note: CVE Record detail pages may not display all data for a record. Select the “View JSON” link to view all available required,
+ optional, and enriched information for the record.
+ </p>
+ </div>
  </div>
  <div id="cve-cvss" class="content">
  <h2 class="title">CVSS</h2>