git.stella-ops.org/src/StellaOps.Feedser.Source.Ru.Nkcki.Tests/Fixtures/nkcki-advisories.snapshot.json

[
  {
    "advisoryKey": "BDU:2025-01001",
    "affectedPackages": [
      {
        "type": "ics-vendor",
        "identifier": "SampleVendor SampleGateway",
        "platform": "Energy, ICS",
        "versionRanges": [
          {
            "fixedVersion": null,
            "introducedVersion": "2.0",
            "lastAffectedVersion": null,
            "primitives": {
              "evr": null,
              "hasVendorExtensions": false,
              "nevra": null,
              "semVer": {
                "constraintExpression": ">= 2.0",
                "exactValue": null,
                "fixed": null,
                "fixedInclusive": false,
                "introduced": "2.0",
                "introducedInclusive": true,
                "lastAffected": null,
                "lastAffectedInclusive": false,
                "style": "greaterThanOrEqual"
              },
              "vendorExtensions": null
            },
            "provenance": {
              "source": "ru-nkcki",
              "kind": "package-range",
              "value": "SampleVendor SampleGateway >= 2.0 All platforms",
              "decisionReason": null,
              "recordedAt": "2025-10-12T00:01:00+00:00",
              "fieldMask": [
                "affectedpackages[].versionranges[]"
              ]
            },
            "rangeExpression": ">= 2.0",
            "rangeKind": "semver"
          }
        ],
        "normalizedVersions": [
          {
            "scheme": "semver",
            "type": "gte",
            "min": "2.0",
            "minInclusive": true,
            "max": null,
            "maxInclusive": null,
            "value": null,
            "notes": "SampleVendor SampleGateway >= 2.0 All platforms"
          }
        ],
        "statuses": [
          {
            "provenance": {
              "source": "ru-nkcki",
              "kind": "package-status",
              "value": "patch_available",
              "decisionReason": null,
              "recordedAt": "2025-10-12T00:01:00+00:00",
              "fieldMask": [
                "affectedpackages[].statuses[]"
              ]
            },
            "status": "fixed"
          }
        ],
        "provenance": [
          {
            "source": "ru-nkcki",
            "kind": "package",
            "value": "SampleVendor SampleGateway >= 2.0 All platforms",
            "decisionReason": null,
            "recordedAt": "2025-10-12T00:01:00+00:00",
            "fieldMask": [
              "affectedpackages[]"
            ]
          }
        ]
      },
      {
        "type": "ics-vendor",
        "identifier": "SampleVendor SampleSCADA",
        "platform": "Energy, ICS",
        "versionRanges": [
          {
            "fixedVersion": null,
            "introducedVersion": null,
            "lastAffectedVersion": "4.2",
            "primitives": {
              "evr": null,
              "hasVendorExtensions": false,
              "nevra": null,
              "semVer": {
                "constraintExpression": "<= 4.2",
                "exactValue": null,
                "fixed": null,
                "fixedInclusive": false,
                "introduced": null,
                "introducedInclusive": true,
                "lastAffected": "4.2",
                "lastAffectedInclusive": true,
                "style": "lessThanOrEqual"
              },
              "vendorExtensions": null
            },
            "provenance": {
              "source": "ru-nkcki",
              "kind": "package-range",
              "value": "SampleVendor SampleSCADA <= 4.2",
              "decisionReason": null,
              "recordedAt": "2025-10-12T00:01:00+00:00",
              "fieldMask": [
                "affectedpackages[].versionranges[]"
              ]
            },
            "rangeExpression": "<= 4.2",
            "rangeKind": "semver"
          }
        ],
        "normalizedVersions": [
          {
            "scheme": "semver",
            "type": "lte",
            "min": null,
            "minInclusive": null,
            "max": "4.2",
            "maxInclusive": true,
            "value": null,
            "notes": "SampleVendor SampleSCADA <= 4.2"
          }
        ],
        "statuses": [
          {
            "provenance": {
              "source": "ru-nkcki",
              "kind": "package-status",
              "value": "patch_available",
              "decisionReason": null,
              "recordedAt": "2025-10-12T00:01:00+00:00",
              "fieldMask": [
                "affectedpackages[].statuses[]"
              ]
            },
            "status": "fixed"
          }
        ],
        "provenance": [
          {
            "source": "ru-nkcki",
            "kind": "package",
            "value": "SampleVendor SampleSCADA <= 4.2",
            "decisionReason": null,
            "recordedAt": "2025-10-12T00:01:00+00:00",
            "fieldMask": [
              "affectedpackages[]"
            ]
          }
        ]
      }
    ],
    "aliases": [
      "BDU:2025-01001",
      "CVE-2025-0101"
    ],
    "credits": [],
    "cvssMetrics": [
      {
        "baseScore": 8.5,
        "baseSeverity": "high",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "cvss",
          "value": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "cvssmetrics[]"
          ]
        },
        "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
      },
      {
        "baseScore": 6.4,
        "baseSeverity": "medium",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "cvss",
          "value": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "cvssmetrics[]"
          ]
        },
        "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H",
        "version": "4.0"
      }
    ],
    "exploitKnown": true,
    "language": "ru",
    "modified": "2025-09-22T00:00:00+00:00",
    "provenance": [
      {
        "source": "ru-nkcki",
        "kind": "advisory",
        "value": "BDU:2025-01001",
        "decisionReason": null,
        "recordedAt": "2025-10-12T00:01:00+00:00",
        "fieldMask": [
          "advisory"
        ]
      }
    ],
    "published": "2025-09-20T00:00:00+00:00",
    "references": [
      {
        "kind": "details",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "reference",
          "value": "https://bdu.fstec.ru/vul/2025-01001",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "references[]"
          ]
        },
        "sourceTag": "bdu",
        "summary": null,
        "url": "https://bdu.fstec.ru/vul/2025-01001"
      },
      {
        "kind": "details",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "reference",
          "value": "https://cert.gov.ru/materialy/uyazvimosti/2025-01001",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "references[]"
          ]
        },
        "sourceTag": "ru-nkcki",
        "summary": null,
        "url": "https://cert.gov.ru/materialy/uyazvimosti/2025-01001"
      },
      {
        "kind": "cwe",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "reference",
          "value": "https://cwe.mitre.org/data/definitions/321.html",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "references[]"
          ]
        },
        "sourceTag": "cwe",
        "summary": "Use of Hard-coded Cryptographic Key",
        "url": "https://cwe.mitre.org/data/definitions/321.html"
      },
      {
        "kind": "external",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "reference",
          "value": "https://vendor.example/advisories/sample-scada",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "references[]"
          ]
        },
        "sourceTag": null,
        "summary": null,
        "url": "https://vendor.example/advisories/sample-scada"
      }
    ],
    "severity": "critical",
    "summary": "Authenticated RCE in Sample SCADA",
    "title": "Authenticated RCE in Sample SCADA"
  },
  {
    "advisoryKey": "BDU:2024-00011",
    "affectedPackages": [
      {
        "type": "cpe",
        "identifier": "LegacyPanel",
        "platform": "Software",
        "versionRanges": [
          {
            "fixedVersion": null,
            "introducedVersion": null,
            "lastAffectedVersion": "2.5",
            "primitives": {
              "evr": null,
              "hasVendorExtensions": false,
              "nevra": null,
              "semVer": {
                "constraintExpression": "<= 2.5",
                "exactValue": null,
                "fixed": null,
                "fixedInclusive": false,
                "introduced": null,
                "introducedInclusive": true,
                "lastAffected": "2.5",
                "lastAffectedInclusive": true,
                "style": "lessThanOrEqual"
              },
              "vendorExtensions": null
            },
            "provenance": {
              "source": "ru-nkcki",
              "kind": "package-range",
              "value": "LegacyPanel 1.0 - 2.5",
              "decisionReason": null,
              "recordedAt": "2025-10-12T00:01:00+00:00",
              "fieldMask": [
                "affectedpackages[].versionranges[]"
              ]
            },
            "rangeExpression": "<= 2.5",
            "rangeKind": "semver"
          },
          {
            "fixedVersion": null,
            "introducedVersion": "1.0",
            "lastAffectedVersion": null,
            "primitives": {
              "evr": null,
              "hasVendorExtensions": false,
              "nevra": null,
              "semVer": {
                "constraintExpression": ">= 1.0",
                "exactValue": null,
                "fixed": null,
                "fixedInclusive": false,
                "introduced": "1.0",
                "introducedInclusive": true,
                "lastAffected": null,
                "lastAffectedInclusive": false,
                "style": "greaterThanOrEqual"
              },
              "vendorExtensions": null
            },
            "provenance": {
              "source": "ru-nkcki",
              "kind": "package-range",
              "value": "LegacyPanel 1.0 - 2.5",
              "decisionReason": null,
              "recordedAt": "2025-10-12T00:01:00+00:00",
              "fieldMask": [
                "affectedpackages[].versionranges[]"
              ]
            },
            "rangeExpression": ">= 1.0",
            "rangeKind": "semver"
          }
        ],
        "normalizedVersions": [
          {
            "scheme": "semver",
            "type": "gte",
            "min": "1.0",
            "minInclusive": true,
            "max": null,
            "maxInclusive": null,
            "value": null,
            "notes": "LegacyPanel 1.0 - 2.5"
          },
          {
            "scheme": "semver",
            "type": "lte",
            "min": null,
            "minInclusive": null,
            "max": "2.5",
            "maxInclusive": true,
            "value": null,
            "notes": "LegacyPanel 1.0 - 2.5"
          }
        ],
        "statuses": [
          {
            "provenance": {
              "source": "ru-nkcki",
              "kind": "package-status",
              "value": "affected",
              "decisionReason": null,
              "recordedAt": "2025-10-12T00:01:00+00:00",
              "fieldMask": [
                "affectedpackages[].statuses[]"
              ]
            },
            "status": "affected"
          }
        ],
        "provenance": [
          {
            "source": "ru-nkcki",
            "kind": "package",
            "value": "LegacyPanel 1.0 - 2.5",
            "decisionReason": null,
            "recordedAt": "2025-10-12T00:01:00+00:00",
            "fieldMask": [
              "affectedpackages[]"
            ]
          }
        ]
      }
    ],
    "aliases": [
      "BDU:2024-00011"
    ],
    "credits": [],
    "cvssMetrics": [
      {
        "baseScore": 8.8,
        "baseSeverity": "high",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "cvss",
          "value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "cvssmetrics[]"
          ]
        },
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
      }
    ],
    "exploitKnown": true,
    "language": "ru",
    "modified": "2024-08-02T00:00:00+00:00",
    "provenance": [
      {
        "source": "ru-nkcki",
        "kind": "advisory",
        "value": "BDU:2024-00011",
        "decisionReason": null,
        "recordedAt": "2025-10-12T00:01:00+00:00",
        "fieldMask": [
          "advisory"
        ]
      }
    ],
    "published": "2024-08-01T00:00:00+00:00",
    "references": [
      {
        "kind": "details",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "reference",
          "value": "https://bdu.fstec.ru/vul/2024-00011",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "references[]"
          ]
        },
        "sourceTag": "bdu",
        "summary": null,
        "url": "https://bdu.fstec.ru/vul/2024-00011"
      },
      {
        "kind": "details",
        "provenance": {
          "source": "ru-nkcki",
          "kind": "reference",
          "value": "https://cert.gov.ru/materialy/uyazvimosti/2024-00011",
          "decisionReason": null,
          "recordedAt": "2025-10-12T00:01:00+00:00",
          "fieldMask": [
            "references[]"
          ]
        },
        "sourceTag": "ru-nkcki",
        "summary": null,
        "url": "https://cert.gov.ru/materialy/uyazvimosti/2024-00011"
      }
    ],
    "severity": "high",
    "summary": "Legacy panel overflow",
    "title": "Legacy panel overflow"
  }
]