Update several test cases

ra1nb0rn · Jun 24, 2024 · b124835 · b124835
1 parent af76c29
commit b124835
Show file tree

Hide file tree

Showing 6 changed files with 13 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,11 @@
 # Changelog
 This file keeps track of all notable changes between the different versions of search_vulns.
 
+## v0.5.4 - 2024-06-24
+### Fixed
+- Updated several test cases.
+
+
 ## v0.5.3 - 2024-05-24
 ### Changed
 - CPE suggestions dropdown is now limited in height and is scrollable.

diff --git a/tests/test_cve_attr_completeness.py b/tests/test_cve_attr_completeness.py
diff --git a/tests/test_cve_completeness.py b/tests/test_cve_completeness.py
@@ -21,7 +21,7 @@ def test_search_apache_2425(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=True, is_good_cpe=True)
-        expected_cves = ['CVE-2017-15710', 'CVE-2017-3169', 'CVE-2017-7659', 'CVE-2017-7668', 'CVE-2017-9798', 'CVE-2018-1312', 'CVE-2018-17189', 'CVE-2020-9490', 'CVE-2021-26691', 'CVE-2017-3167', 'CVE-2022-28615', 'CVE-2023-25690', 'CVE-1999-0289', 'CVE-2021-33193', 'CVE-2019-9517', 'CVE-2022-30556', 'CVE-2019-0217', 'CVE-2018-1303', 'CVE-2018-11763', 'CVE-2022-37436', 'CVE-2022-22719', 'CVE-2006-20001', 'CVE-2021-26690', 'CVE-2022-36760', 'CVE-2022-26377', 'CVE-2017-9788', 'CVE-2020-13938', 'CVE-2019-17567', 'CVE-2022-31813', 'CVE-2021-40438', 'CVE-2019-0211', 'CVE-2021-34798', 'CVE-2019-10092', 'CVE-1999-1237', 'CVE-1999-0236', 'CVE-2019-0220', 'CVE-2018-1301', 'CVE-2020-11993', 'CVE-1999-1412', 'CVE-2020-1927', 'CVE-2017-7679', 'CVE-2021-39275', 'CVE-2022-28330', 'CVE-2019-10098', 'CVE-2022-28614', 'CVE-2019-10081', 'CVE-2020-1934', 'CVE-2007-0450', 'CVE-2018-17199', 'CVE-2021-44790', 'CVE-1999-0678', 'CVE-2022-29404', 'CVE-2021-44224', 'CVE-2019-0196', 'CVE-2022-22720', 'CVE-2017-15715', 'CVE-2022-23943', 'CVE-2020-35452', 'CVE-2018-1283', 'CVE-2019-10082', 'CVE-2022-22721', 'CVE-2018-1302', 'CVE-2007-0086', 'CVE-2018-1333', 'CVE-2023-31122', 'CVE-2023-45802']
+        expected_cves = ['CVE-2017-15710', 'CVE-2017-3169', 'CVE-2017-7659', 'CVE-2017-7668', 'CVE-2017-9798', 'CVE-2018-1312', 'CVE-2018-17189', 'CVE-2020-9490', 'CVE-2021-26691', 'CVE-2017-3167', 'CVE-2022-28615', 'CVE-2023-25690', 'CVE-1999-0289', 'CVE-2021-33193', 'CVE-2019-9517', 'CVE-2022-30556', 'CVE-2019-0217', 'CVE-2018-1303', 'CVE-2018-11763', 'CVE-2022-37436', 'CVE-2022-22719', 'CVE-2006-20001', 'CVE-2021-26690', 'CVE-2022-36760', 'CVE-2022-26377', 'CVE-2017-9788', 'CVE-2020-13938', 'CVE-2019-17567', 'CVE-2022-31813', 'CVE-2021-40438', 'CVE-2019-0211', 'CVE-2021-34798', 'CVE-2019-10092', 'CVE-1999-1237', 'CVE-1999-0236', 'CVE-2019-0220', 'CVE-2018-1301', 'CVE-2020-11993', 'CVE-1999-1412', 'CVE-2020-1927', 'CVE-2017-7679', 'CVE-2021-39275', 'CVE-2022-28330', 'CVE-2019-10098', 'CVE-2022-28614', 'CVE-2019-10081', 'CVE-2020-1934', 'CVE-2007-0450', 'CVE-2018-17199', 'CVE-2021-44790', 'CVE-1999-0678', 'CVE-2022-29404', 'CVE-2021-44224', 'CVE-2019-0196', 'CVE-2022-22720', 'CVE-2017-15715', 'CVE-2022-23943', 'CVE-2020-35452', 'CVE-2018-1283', 'CVE-2019-10082', 'CVE-2022-22721', 'CVE-2018-1302', 'CVE-2007-0086', 'CVE-2018-1333', 'CVE-2023-31122', 'CVE-2023-45802', 'CVE-2024-27316']
         self.assertEqual(set(expected_cves), set(list(result[query]['vulns'].keys())))
 
     def test_search_proftpd_133c(self):

diff --git a/tests/test_eol_date.py b/tests/test_eol_date.py
@@ -14,14 +14,14 @@ def test_search_wp_general(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=False, is_good_cpe=True)
-        expected_result = {'status': 'N/A', 'latest': '6.5.3', 'ref': 'https://endoflife.date/wordpress'}
+        expected_result = {'status': 'N/A', 'latest': '6.5.4', 'ref': 'https://endoflife.date/wordpress'}
         self.assertEqual(result[query]['version_status'], expected_result)
 
     def test_search_wp_572(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:wordpress:wordpress:5.7.2:*:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=False, is_good_cpe=True)
-        expected_result = {'status': 'eol', 'latest': '6.5.3', 'ref': 'https://endoflife.date/wordpress'}
+        expected_result = {'status': 'eol', 'latest': '6.5.4', 'ref': 'https://endoflife.date/wordpress'}
         self.assertEqual(result[query]['version_status'], expected_result)
 
     def test_search_jquery_general(self):
@@ -42,14 +42,14 @@ def test_search_mongodb_4_4_29(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:mongodb:mongodb:4.4.29:*:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=False, is_good_cpe=True)
-        expected_result = {'status': 'eol', 'latest': '7.3.2', 'ref': 'https://endoflife.date/mongodb'}
+        expected_result = {'status': 'eol', 'latest': '7.3.3', 'ref': 'https://endoflife.date/mongodb'}
         self.assertEqual(result[query]['version_status'], expected_result)
 
     def test_search_mongodb_6_0_13(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=False, is_good_cpe=True)
-        expected_result = {'status': 'outdated', 'latest': '7.3.2', 'ref': 'https://endoflife.date/mongodb'}
+        expected_result = {'status': 'outdated', 'latest': '7.3.3', 'ref': 'https://endoflife.date/mongodb'}
         self.assertEqual(result[query]['version_status'], expected_result)
 
 if __name__ == '__main__':

diff --git a/tests/test_exploit_completeness.py b/tests/test_exploit_completeness.py
@@ -27,7 +27,7 @@ def test_search_apache_2425(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=True, is_good_cpe=True)
-        expected_exploits = ['https://www.exploit-db.com/exploits/42745', 'https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html', 'https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch', 'https://github.com/hannob/optionsbleed', 'https://github.com/brokensound77/OptionsBleed-POC-Scanner', 'https://github.com/l0n3rs/CVE-2017-9798', 'https://github.com/nitrado/CVE-2017-9798', 'https://github.com/pabloec20/optionsbleed', 'https://www.exploit-db.com/exploits/46676', 'http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html', 'https://github.com/ozkanbilge/Apache-Exploit-2019', 'https://www.exploit-db.com/exploits/19244', 'https://github.com/Saksham2002/CVE-2006-20001', 'https://www.exploit-db.com/exploits/20595', 'https://www.exploit-db.com/exploits/47689', 'https://github.com/dja2TaqkGEEfA45/CVE-2021-26691', 'https://github.com/dja2TaqkGEEfA45/CVE-2021-26690', 'https://github.com/dhmosfunk/CVE-2023-25690-POC', 'https://github.com/tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL', 'https://www.exploit-db.com/exploits/29739', 'https://www.exploit-db.com/exploits/19253', 'https://portswigger.net/research/http2', 'http://packetstormsecurity.com/files/160393/Apache-2-HTTP2-Module-Concurrent-Pool-Usage.html', 'https://httpd.apache.org/security/vulnerabilities_24.html', 'https://github.com/whisp1830/CVE-2017-15715', 'https://github.com/BabyTeam1024/CVE-2021-40438', 'https://github.com/Kashkovsky/CVE-2021-40438', 'https://github.com/ericmann/apache-cve-poc', 'https://github.com/gassara-kys/CVE-2021-40438', 'https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt', 'https://github.com/sixpacksecurity/CVE-2021-40438', 'https://github.com/xiaojiangxl/CVE-2021-40438', 'https://www.exploit-db.com/exploits/47688', 'https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd', 'https://github.com/motikan2010/CVE-2019-10092_Docker', 'https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679', 'https://github.com/snknritr/CVE-2017-7679-in-python', 'https://www.exploit-db.com/exploits/51193', 'https://github.com/Benasin/CVE-2022-22720', 'https://github.com/nuPacaChi/-CVE-2021-44790', 'https://github.com/thanhlam-attt/CVE-2023-25690', 'https://github.com/sergiovks/CVE-2021-40438-Apache-2.4.48-SSRF-exploit', 'https://github.com/watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc', 'https://github.com/Cappricio-Securities/CVE-2021-40438']
+        expected_exploits = ['https://www.exploit-db.com/exploits/42745', 'https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html', 'https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch', 'https://github.com/hannob/optionsbleed', 'https://github.com/brokensound77/OptionsBleed-POC-Scanner', 'https://github.com/l0n3rs/CVE-2017-9798', 'https://github.com/nitrado/CVE-2017-9798', 'https://github.com/pabloec20/optionsbleed', 'https://www.exploit-db.com/exploits/46676', 'http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html', 'https://github.com/ozkanbilge/Apache-Exploit-2019', 'https://www.exploit-db.com/exploits/19244', 'https://github.com/Saksham2002/CVE-2006-20001', 'https://www.exploit-db.com/exploits/20595', 'https://www.exploit-db.com/exploits/47689', 'https://github.com/dja2TaqkGEEfA45/CVE-2021-26691', 'https://github.com/dja2TaqkGEEfA45/CVE-2021-26690', 'https://github.com/dhmosfunk/CVE-2023-25690-POC', 'https://github.com/tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL', 'https://www.exploit-db.com/exploits/29739', 'https://www.exploit-db.com/exploits/19253', 'https://portswigger.net/research/http2', 'http://packetstormsecurity.com/files/160393/Apache-2-HTTP2-Module-Concurrent-Pool-Usage.html', 'https://httpd.apache.org/security/vulnerabilities_24.html', 'https://github.com/whisp1830/CVE-2017-15715', 'https://github.com/BabyTeam1024/CVE-2021-40438', 'https://github.com/Kashkovsky/CVE-2021-40438', 'https://github.com/ericmann/apache-cve-poc', 'https://github.com/gassara-kys/CVE-2021-40438', 'https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt', 'https://github.com/sixpacksecurity/CVE-2021-40438', 'https://github.com/xiaojiangxl/CVE-2021-40438', 'https://www.exploit-db.com/exploits/47688', 'https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd', 'https://github.com/motikan2010/CVE-2019-10092_Docker', 'https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679', 'https://github.com/snknritr/CVE-2017-7679-in-python', 'https://www.exploit-db.com/exploits/51193', 'https://github.com/Benasin/CVE-2022-22720', 'https://github.com/nuPacaChi/-CVE-2021-44790', 'https://github.com/thanhlam-attt/CVE-2023-25690', 'https://github.com/sergiovks/CVE-2021-40438-Apache-2.4.48-SSRF-exploit', 'https://github.com/watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc', 'https://github.com/Cappricio-Securities/CVE-2021-40438', 'https://github.com/mbadanoiu/CVE-2019-10092', 'https://github.com/aeyesec/CVE-2024-27316_poc', 'https://github.com/lockness-Ko/CVE-2024-27316']
         result_exploits = []
         for cve in result[query]['vulns']:
             data = result[query]['vulns'].get(cve)

diff --git a/version.txt b/version.txt
@@ -1 +1 @@
-0.5.3
+0.5.4