Fixes vulnerability scan alert

2026-04-29 07:29:32 +00:00 · 2023-08-04 15:18:42 +00:00 · 2023-08-04 15:18:42 +00:00 · 7eaa652d0e
commit 7eaa652d0e
parent c9231fb32e
3 changed files with 27 additions and 6 deletions
--- a/scripts/lua/modules/vulnerability_scan/vs_utils.lua
+++ b/scripts/lua/modules/vulnerability_scan/vs_utils.lua
@ -116,11 +116,17 @@ local function check_differences(host, scan_type, old_data, new_data)
   
   local num_cve_solved = 0
   local num_new_cve_issues = 0
+   local cve_solved = {}
+   local new_cve = {}
   -- Checking the solved vulnerabilities
   for _, cve in ipairs(old_data.cve or {}) do
      -- If the new table does not contains the cve it means that it is solved
      if not (table.contains(new_data.cve or {}, cve)) then
         num_cve_solved = num_cve_solved + 1
+         -- Add at most 5 cve
+         if num_cve_solved <= 5 then
+            cve_solved[#cve_solved + 1] = cve
+         end
      end
   end
   
@ -129,15 +135,21 @@ local function check_differences(host, scan_type, old_data, new_data)
      -- If the new table does not contains the cve it means that it is solved
      if not (table.contains(old_data.cve or {}, cve)) then
         num_new_cve_issues = num_new_cve_issues + 1
+         -- Add at most 5 cve
+         if num_new_cve_issues <= 5 then
+            new_cve[#new_cve + 1] = cve
+         end
      end
   end

   if num_cve_solved > 0 then
      rsp["num_cve_solved"] = num_cve_solved
+      rsp["cve_solved"] = cve_solved
   end

   if num_new_cve_issues > 0 then
      rsp["num_new_cve_issues"] = num_new_cve_issues
+      rsp["new_cve"] = new_cve
   end

   if table.empty(rsp) then
@ -223,10 +235,11 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time
      end

      if index_to_remove ~= 0 then
+         local old_data = saved_hosts[index_to_remove]
         -- In case the alert needs to be triggered, save the differences in order to lessen
         -- the info dropped on redis
-   if trigger_alert then
-            local old_data = saved_hosts[index_to_remove]
+         -- if is_ok_last_scan is nil then no prior scan was done, so do not trigger the alert
+   if trigger_alert and old_data.is_ok_last_scan then
            local host_info_to_cache = check_differences(host,
                                          scan_type,
                                          {