Add new test case 'x.org xorg server 1.10.0.901'

- Update test cases with new vulns and exploits
usdAG · Apr 4, 2024 · 70e5d0f · 70e5d0f
1 parent 58e0356
commit 70e5d0f
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/tests/test_cve_completeness.py b/tests/test_cve_completeness.py
@@ -98,7 +98,15 @@ def test_search_proftpd_135f(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:proftpd:proftpd:1.3.5f:-:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=True, is_good_cpe=False)
-        expected_cves = ['CVE-2015-3306', 'CVE-2019-18217', 'CVE-2019-19270', 'CVE-2019-19271', 'CVE-2019-19272', 'CVE-2020-9272', 'CVE-2021-46854', 'CVE-2023-51713', 'CVE-2023-48795']
+        expected_cves = ['CVE-2001-0027', 'CVE-2015-3306', 'CVE-2019-18217', 'CVE-2019-19270', 'CVE-2019-19271', 'CVE-2019-19272', 'CVE-2020-9272', 'CVE-2021-46854', 'CVE-2023-51713', 'CVE-2023-48795']
+        self.assertEqual(set(expected_cves), set(list(result[query]['vulns'].keys())))
+
+
+    def test_search_xorg_xorg_server_1100901(self):
+        self.maxDiff = None
+        query = 'x.org xorg server 1.10.0.901'
+        result = search_vulns.search_vulns(query=query, add_other_exploit_refs=True, is_good_cpe=False)
+        expected_cves = ['CVE-2024-0409', 'CVE-2024-0408', 'CVE-2023-6816', 'CVE-2023-1393', 'CVE-2020-14362', 'CVE-2020-14361', 'CVE-2020-14347', 'CVE-2020-14346', 'CVE-2018-14665', 'CVE-2017-2624', 'CVE-2017-13723', 'CVE-2017-13721', 'CVE-2017-12187', 'CVE-2017-12186', 'CVE-2017-12185', 'CVE-2017-12184', 'CVE-2017-12183', 'CVE-2017-12182', 'CVE-2017-12181', 'CVE-2017-12180', 'CVE-2017-12179', 'CVE-2017-12178', 'CVE-2017-12177', 'CVE-2017-12176', 'CVE-2017-10972', 'CVE-2017-10971', 'CVE-2015-3418', 'CVE-2015-0255', 'CVE-2014-8102', 'CVE-2014-8101', 'CVE-2014-8100', 'CVE-2014-8099', 'CVE-2014-8098', 'CVE-2014-8097', 'CVE-2014-8096', 'CVE-2014-8095', 'CVE-2014-8094', 'CVE-2014-8093', 'CVE-2014-8092', 'CVE-2014-8091', 'CVE-2013-1940', 'CVE-2012-0064', 'CVE-2011-0465', 'CVE-2006-6103', 'CVE-2006-6101', 'CVE-2006-0197', 'CVE-2002-1510', 'CVE-1999-0241', 'CVE-1999-0126']
         self.assertEqual(set(expected_cves), set(list(result[query]['vulns'].keys())))
 
 

diff --git a/tests/test_exploit_completeness.py b/tests/test_exploit_completeness.py
@@ -14,7 +14,7 @@ def test_search_wp_572(self):
         self.maxDiff = None
         query = 'cpe:2.3:a:wordpress:wordpress:5.7.2:*:*:*:*:*:*:*'
         result = search_vulns.search_vulns(query=query, add_other_exploit_refs=True, is_good_cpe=True)
-        expected_exploits = ['https://www.exploit-db.com/exploits/50663', 'http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html', 'https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661', 'https://github.com/APTIRAN/CVE-2022-21661', 'https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection', 'https://github.com/WellingtonEspindula/SSI-CVE-2022-21661', 'https://github.com/daniel616/CVE-2022-21661-Demo', 'https://github.com/purple-WL/wordpress-CVE-2022-21661', 'https://github.com/sealldeveloper/CVE-2022-21661-PoC', 'https://github.com/z92g/CVE-2022-21661', 'https://www.exploit-db.com/exploits/38936', 'http://www.securityfocus.com/bid/64587', 'https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/', 'http://plugins.trac.wordpress.org/changeset/490070/my-calendar', 'http://plugins.trac.wordpress.org/changeset/435356/scormcloud', 'https://blog.sonarsource.com/wordpress-object-injection-vulnerability/', 'http://plugins.trac.wordpress.org/changeset?old_path=%2Fbad-behavior&old=543807&new_path=%2Fbad-behavior&new=543807', 'https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/', 'https://github.com/hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner', 'https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/', 'https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve', 'https://github.com/guestzz/CVE-2022-21661', 'https://github.com/pog007/CVE-2023-5561-PoC', 'https://github.com/p4ncontomat3/CVE-2022-21661']
+        expected_exploits = ['https://www.exploit-db.com/exploits/50663', 'http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html', 'https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661', 'https://github.com/safe3s/CVE-2022-21661', 'https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection', 'https://github.com/WellingtonEspindula/SSI-CVE-2022-21661', 'https://github.com/daniel616/CVE-2022-21661-Demo', 'https://github.com/purple-WL/wordpress-CVE-2022-21661', 'https://github.com/sealldeveloper/CVE-2022-21661-PoC', 'https://github.com/z92g/CVE-2022-21661', 'https://www.exploit-db.com/exploits/38936', 'http://www.securityfocus.com/bid/64587', 'https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/', 'http://plugins.trac.wordpress.org/changeset/490070/my-calendar', 'http://plugins.trac.wordpress.org/changeset/435356/scormcloud', 'https://blog.sonarsource.com/wordpress-object-injection-vulnerability/', 'http://plugins.trac.wordpress.org/changeset?old_path=%2Fbad-behavior&old=543807&new_path=%2Fbad-behavior&new=543807', 'https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/', 'https://github.com/hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner', 'https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/', 'https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve', 'https://github.com/guestzz/CVE-2022-21661', 'https://github.com/pog007/CVE-2023-5561-PoC', 'https://github.com/p4ncontomat3/CVE-2022-21661', 'https://github.com/CharonDefalt/WordPress--CVE-2022-21661']
         result_exploits = []
         for cve in result[query]['vulns']:
             data = result[query]['vulns'].get(cve)