diff --git a/changes/19853-homebrew-intellij b/changes/19853-homebrew-intellij
new file mode 100644
index 0000000000..713d4ae142
--- /dev/null
+++ b/changes/19853-homebrew-intellij
@@ -0,0 +1 @@
+Fixed false negative vulnerabilities with IntelliJ IDEA CE and PyCharm CE installed via Homebrew.
diff --git a/server/vulnerabilities/nvd/cpe_test.go b/server/vulnerabilities/nvd/cpe_test.go
index 22778b4a71..dc2f598fa8 100644
--- a/server/vulnerabilities/nvd/cpe_test.go
+++ b/server/vulnerabilities/nvd/cpe_test.go
@@ -1334,6 +1334,16 @@ func TestCPEFromSoftwareIntegration(t *testing.T) {
 },
 cpe: "cpe:2.3:a:jetbrains:intellij_idea:2022.3.3:*:*:*:*:macos:*:*",
 },
+ {
+ software: fleet.Software{
+ Name: "intellij-idea-ce",
+ Source: "homebrew_packages",
+ Version: "2023.3.2,233.13135.103",
+ Vendor: "",
+ BundleIdentifier: "",
+ },
+ cpe: "cpe:2.3:a:jetbrains:intellij_idea:2023.3.2.233.13135.103:*:*:*:*:*:*:*",
+ },
 {
 software: fleet.Software{
 Name: "User PyCharm Custom Name.app", // 2023/10/31: The actual product name must be part of the app name per our code in CPEFromSoftware
diff --git a/server/vulnerabilities/nvd/cpe_translations.json b/server/vulnerabilities/nvd/cpe_translations.json
index a1f48dd63c..73d64cd787 100644
--- a/server/vulnerabilities/nvd/cpe_translations.json
+++ b/server/vulnerabilities/nvd/cpe_translations.json
@@ -130,6 +130,16 @@
 "vendor": ["jetbrains"]
 }
 },
+ {
+ "software": {
+ "name": ["/^intellij-idea(-ce)?$/"],
+ "source": ["homebrew_packages"]
+ },
+ "filter": {
+ "product": ["intellij_idea"],
+ "vendor": ["jetbrains"]
+ }
+ },
 {
 "software": {
 "bundle_identifier": ["/^com\\.jetbrains\\.pycharm/"],
@@ -140,6 +150,16 @@
 "vendor": ["jetbrains"]
 }
 },
+ {
+ "software": {
+ "name": ["/^pycharm(-ce)?$/"],
+ "source": ["homebrew_packages"]
+ },
+ "filter": {
+ "product": ["pycharm"],
+ "vendor": ["jetbrains"]
+ }
+ },
 {
 "software": {
 "name": ["ms-python.python"],
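Review bot: The expected CPE in the new `intellij-idea-ce` case of cpe_test.go pins the Homebrew build suffix into the version field (`2023.3.2.233.13135.103`, from `Version: "2023.3.2,233.13135.103"`), which could leave a quieter false negative in place. The app-bundle case just above it uses a plain release version (`2022.3.3`), and NVD entries for this product presumably do the same. If so, a CVE whose affected range ends inclusively at `2023.3.2` may compare as lower than this value and be missed. It is worth confirming how the matcher orders the extra components, or truncating the Homebrew version at the comma before the CPE is built, and adding a comment on the case such as `// Homebrew cask version is "<release>,<build>"; the build part is folded into the CPE version`. The test table continues outside the hunk.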
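Review bot: The two rules added to cpe_translations.json (`/^intellij-idea(-ce)?$/` in the first hunk, `/^pycharm(-ce)?$/` in the second) accept four package names, but the commit's test exercises only `intellij-idea-ce`, so the PyCharm rule is unverified. A broken or shadowed rule here fails silently as missing vulnerabilities, so each name should have its own case in `TestCPEFromSoftwareIntegration`, for example `Name: "pycharm-ce", Source: "homebrew_packages"`, with the expected `jetbrains:pycharm` CPE taken from an actual run. Because the patterns are fully anchored, any other Homebrew package name for these products will stay unmatched. If such variants exist, that gap is worth recording in the changes entry, since JSON cannot carry a comment.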