diff --git a/security/migrations/0007_remove_cve_title.py b/security/migrations/0007_remove_cve_title.py new file mode 100644 index 00000000..64c79f13 --- /dev/null +++ b/security/migrations/0007_remove_cve_title.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.20 on 2025-04-20 20:15 + +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('security', '0006_alter_cve_options_alter_cvss_unique_together'), + ] + + operations = [ + migrations.RemoveField( + model_name='cve', + name='title', + ), + ] diff --git a/security/models.py b/security/models.py index 5704ae47..a847ab02 100644 --- a/security/models.py +++ b/security/models.py @@ -92,7 +92,6 @@ def __str__(self): class CVE(models.Model): cve_id = models.CharField(max_length=255, unique=True) - title = models.CharField(max_length=255, blank=True, null=True) description = models.TextField(blank=True, default='') reserved_date = models.DateTimeField(blank=True, null=True) published_date = models.DateTimeField(blank=True, null=True) @@ -233,32 +232,23 @@ def parse_mitre_cve_data(self, cve_json): if updated_date: self.updated_date = tz_aware_datetime(cve_metadata.get('dateUpdated')) cna_container = cve_json.get('containers').get('cna') - title = cna_container.get('title') - if not title: - product = cna_container.get('product') descriptions = cna_container.get('descriptions') if descriptions: self.description = descriptions[0].get('value') problem_types = cna_container.get('problemTypes', []) for problem_type in problem_types: descriptions = problem_type.get('descriptions') - if descriptions: - for description in descriptions: - cwe_description = description.get('description') - if description.get('type') == 'CWE': - cwe_id = description.get('cweId') - if cwe_id: - cwe, created = CWE.objects.get_or_create(cwe_id=cwe_id) - self.cwes.add(cwe) - cwe_ids = re.findall(r'CWE-\d+', cwe_description) - for cwe_id in cwe_ids: + for description in descriptions: + if description.get('type') == 'CWE': + cwe_id = description.get('cweId') + if cwe_id: cwe, created = CWE.objects.get_or_create(cwe_id=cwe_id) self.cwes.add(cwe) - if not title: - if product and cwe_description: - self.title = f'{product} - {cwe_description}' - else: - self.title = '' + cwe_description = description.get('description') + cwe_ids = re.findall(r'CWE-\d+', cwe_description) + for cwe_id in cwe_ids: + cwe, created = CWE.objects.get_or_create(cwe_id=cwe_id) + self.cwes.add(cwe) metrics = cna_container.get('metrics') if metrics: for metric in metrics: diff --git a/security/serializers.py b/security/serializers.py index 31730c53..979fc2c9 100644 --- a/security/serializers.py +++ b/security/serializers.py @@ -28,7 +28,7 @@ class Meta: class CVESerializer(serializers.HyperlinkedModelSerializer): class Meta: model = CVE - fields = ('cve_id', 'title', 'description', 'cvss_score', 'cwe', + fields = ('cve_id', 'description', 'cvss_score', 'cwe', 'registered_date', 'published_date', 'updated_date') diff --git a/security/templates/security/cve_detail.html b/security/templates/security/cve_detail.html index 2fe6f8e4..6c86197a 100644 --- a/security/templates/security/cve_detail.html +++ b/security/templates/security/cve_detail.html @@ -21,7 +21,6 @@
-
CVE ID{{ cve.cve_id }}
Title{{ cve.title }}
Description{{ cve.description }}
Reserved{{ cve.reserved_date|date|default_if_none:'' }}
Rejected{{ cve.rejected_date|date|default_if_none:'' }}