From aca3be97e9a17857b485326cc8f3d12e9712ee5c Mon Sep 17 00:00:00 2001 From: Ian Littman Date: Fri, 27 Jun 2025 10:31:51 -0500 Subject: [PATCH] Map Hashicorp Vault Homebrew package to correct vendor for CPE translation (#30363) Fixes #30229. No changes file since this is a vulns feed fix not tied to a release. - [x] Added/updated automated tests - [x] Manual QA for all new/changed functionality --- server/vulnerabilities/nvd/cpe_test.go | 9 +++++++++ server/vulnerabilities/nvd/cpe_translations.json | 10 ++++++++++ 2 files changed, 19 insertions(+) diff --git a/server/vulnerabilities/nvd/cpe_test.go b/server/vulnerabilities/nvd/cpe_test.go index 4993c1b4ba..61ba270344 100644 --- a/server/vulnerabilities/nvd/cpe_test.go +++ b/server/vulnerabilities/nvd/cpe_test.go @@ -1743,6 +1743,15 @@ func TestCPEFromSoftwareIntegration(t *testing.T) { BundleIdentifier: "", }, cpe: "cpe:2.3:a:github:cli:2.61.0:*:*:*:*:macos:*:*", }, + { + software: fleet.Software{ + Name: "vault", + Source: "homebrew_packages", + Version: "1.4.0", + Vendor: "", + BundleIdentifier: "", + }, cpe: "cpe:2.3:a:hashicorp:vault:1.4.0:*:*:*:*:macos:*:*", + }, { software: fleet.Software{ Name: "pass", diff --git a/server/vulnerabilities/nvd/cpe_translations.json b/server/vulnerabilities/nvd/cpe_translations.json index cd8f24370f..f777472bf7 100644 --- a/server/vulnerabilities/nvd/cpe_translations.json +++ b/server/vulnerabilities/nvd/cpe_translations.json @@ -10,6 +10,16 @@ "target_sw": ["macos", "mac_os"] } }, + { + "software": { + "name": ["vault"], + "source": ["homebrew_packages"] + }, + "filter": { + "product": ["vault"], + "vendor": ["hashicorp"] + } + }, { "software": { "name": ["pass"],