Add NKCKI severity smoothing, fixtures, and regression harness

2025-10-12 20:41:30 +00:00
parent 607e72e2a1
commit 49293e7d4e
8 changed files with 833 additions and 6 deletions
--- a/src/StellaOps.Feedser.Source.Ru.Nkcki.Tests/Fixtures/nkcki-advisories.snapshot.json
+++ b/src/StellaOps.Feedser.Source.Ru.Nkcki.Tests/Fixtures/nkcki-advisories.snapshot.json
@@ -0,0 +1,165 @@
+[
+  {
+    "advisoryKey": "BDU:2025-01001",
+    "affectedPackages": [
+      {
+        "type": "vendor",
+        "identifier": "SampleSCADA <= 4.2",
+        "platform": null,
+        "versionRanges": [],
+        "normalizedVersions": [],
+        "statuses": [
+          {
+            "provenance": {
+              "source": "ru-nkcki",
+              "kind": "package-status",
+              "value": "patch_available",
+              "decisionReason": null,
+              "recordedAt": "2025-09-22T00:00:00+00:00",
+              "fieldMask": [
+                "affectedpackages[].statuses[]"
+              ]
+            },
+            "status": "fixed"
+          }
+        ],
+        "provenance": [
+          {
+            "source": "ru-nkcki",
+            "kind": "package",
+            "value": "SampleSCADA <= 4.2",
+            "decisionReason": null,
+            "recordedAt": "2025-09-22T00:00:00+00:00",
+            "fieldMask": [
+              "affectedpackages[]"
+            ]
+          }
+        ]
+      }
+    ],
+    "aliases": [
+      "BDU:2025-01001",
+      "CVE-2025-0101"
+    ],
+    "credits": [],
+    "cvssMetrics": [
+      {
+        "baseScore": 8.5,
+        "baseSeverity": "high",
+        "provenance": {
+          "source": "ru-nkcki",
+          "kind": "cvss",
+          "value": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
+          "decisionReason": null,
+          "recordedAt": "2025-09-22T00:00:00+00:00",
+          "fieldMask": [
+            "cvssmetrics[]"
+          ]
+        },
+        "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
+        "version": "3.1"
+      }
+    ],
+    "exploitKnown": true,
+    "language": "ru",
+    "modified": "2025-09-22T00:00:00+00:00",
+    "provenance": [
+      {
+        "source": "ru-nkcki",
+        "kind": "advisory",
+        "value": "BDU:2025-01001",
+        "decisionReason": null,
+        "recordedAt": "2025-09-22T00:00:00+00:00",
+        "fieldMask": [
+          "advisory"
+        ]
+      }
+    ],
+    "published": "2025-09-20T00:00:00+00:00",
+    "references": [
+      {
+        "kind": "details",
+        "provenance": {
+          "source": "ru-nkcki",
+          "kind": "reference",
+          "value": "https://bdu.fstec.ru/vul/2025-01001",
+          "decisionReason": null,
+          "recordedAt": "2025-09-22T00:00:00+00:00",
+          "fieldMask": [
+            "references[]"
+          ]
+        },
+        "sourceTag": "bdu",
+        "summary": null,
+        "url": "https://bdu.fstec.ru/vul/2025-01001"
+      },
+      {
+        "kind": "details",
+        "provenance": {
+          "source": "ru-nkcki",
+          "kind": "reference",
+          "value": "https://cert.gov.ru/materialy/uyazvimosti/2025-01001",
+          "decisionReason": null,
+          "recordedAt": "2025-09-22T00:00:00+00:00",
+          "fieldMask": [
+            "references[]"
+          ]
+        },
+        "sourceTag": null,
+        "summary": null,
+        "url": "https://cert.gov.ru/materialy/uyazvimosti/2025-01001"
+      },
+      {
+        "kind": "details",
+        "provenance": {
+          "source": "ru-nkcki",
+          "kind": "reference",
+          "value": "https://cert.gov.ru/materialy/uyazvimosti/2025-01001",
+          "decisionReason": null,
+          "recordedAt": "2025-09-22T00:00:00+00:00",
+          "fieldMask": [
+            "references[]"
+          ]
+        },
+        "sourceTag": "ru-nkcki",
+        "summary": null,
+        "url": "https://cert.gov.ru/materialy/uyazvimosti/2025-01001"
+      },
+      {
+        "kind": "cwe",
+        "provenance": {
+          "source": "ru-nkcki",
+          "kind": "reference",
+          "value": "https://cwe.mitre.org/data/definitions/321.html",
+          "decisionReason": null,
+          "recordedAt": "2025-09-22T00:00:00+00:00",
+          "fieldMask": [
+            "references[]"
+          ]
+        },
+        "sourceTag": "cwe",
+        "summary": "Use of Hard-coded Cryptographic Key",
+        "url": "https://cwe.mitre.org/data/definitions/321.html"
+      },
+      {
+        "kind": "external",
+        "provenance": {
+          "source": "ru-nkcki",
+          "kind": "reference",
+          "value": "https://vendor.example/advisories/sample-scada",
+          "decisionReason": null,
+          "recordedAt": "2025-09-22T00:00:00+00:00",
+          "fieldMask": [
+            "references[]"
+          ]
+        },
+        "sourceTag": null,
+        "summary": null,
+        "url": "https://vendor.example/advisories/sample-scada"
+      }
+    ],
+    "severity": "critical",
+    "summary": "Authenticated RCE in Sample SCADA",
+    "title": "Authenticated RCE in Sample SCADA"
+  }
+]