DefectDojo
diff --git a/‎dojo/api_v2/serializers.py‎
Lines changed: 3 additions & 0 deletions b/‎dojo/api_v2/serializers.py‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎dojo/settings/.settings.dist.py.sha256sum‎
Lines changed: 1 addition & 1 deletion b/‎dojo/settings/.settings.dist.py.sha256sum‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎dojo/settings/settings.dist.py‎
Lines changed: 1 addition & 0 deletions b/‎dojo/settings/settings.dist.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎dojo/tools/ssh_audit/parser.py‎
Lines changed: 2 additions & 0 deletions b/‎dojo/tools/ssh_audit/parser.py‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎dojo/tools/trivy/parser.py‎
Lines changed: 1 addition & 1 deletion b/‎dojo/tools/trivy/parser.py‎
Lines changed: 1 addition & 1 deletion
@@ -1929,6 +1929,8 @@ class Meta:
         exclude = ("cve",)
 
     def create(self, validated_data):
+        to_be_tagged, validated_data = self._pop_tags(validated_data)
+
         # Save vulnerability ids and pop them
         if "vulnerability_id_template_set" in validated_data:
             vulnerability_id_set = validated_data.pop(
@@ -1951,6 +1953,7 @@ def create(self, validated_data):
             )
             new_finding_template.save()
 
+        self._save_tags(new_finding_template, to_be_tagged)
         return new_finding_template
 
     def update(self, instance, validated_data):
 
@@ -1 +1 @@
-64f33a0118941e6611212f08ee283befe7e7d5f8306f35280ccb6113817136dd
+7ad5e28c5c96c6a3d40826bf32cea96c131825bd4eca857276b0458e26de36a3
@@ -1732,6 +1732,7 @@ def saml2_attrib_map_format(dict):
     "RHBA": "https://access.redhat.com/errata/",
     "RHEA": "https://access.redhat.com/errata/",
     "FEDORA": "https://bodhi.fedoraproject.org/updates/",
+    "ALSA": "https://osv.dev/vulnerability/",  # e.g. https://osv.dev/vulnerability/ALSA-2024:0827
 }
 # List of acceptable file types that can be uploaded to a given object via arbitrary file upload
 FILE_UPLOAD_TYPES = env("DD_FILE_UPLOAD_TYPES")
 
@@ -54,6 +54,8 @@ def get_findings(self, filename, test):
                         description="\n".join(description),
                         severity=severity,
                         static_finding=False)
+                finding.unsaved_vulnerability_ids = []
+                finding.unsaved_vulnerability_ids.append(cvename)
                 items.append(finding)
                 finding.unsaved_endpoints = []
                 endpoint = Endpoint(host=data["target"].split(":")[0], port=data["target"].split(":")[1])
 
@@ -86,7 +86,7 @@ def get_findings(self, scan_file, test):
         if schema_version == 2:
             results = data.get("Results", [])
             return self.get_result_items(test, results, artifact_name=artifact_name)
-        if cluster_name:
+        if cluster_name is not None:
             findings = []
             vulnerabilities = data.get("Vulnerabilities", [])
             for service in vulnerabilities:
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-64f33a0118941e6611212f08ee283befe7e7d5f8306f35280ccb6113817136dd`
	`1`	`+7ad5e28c5c96c6a3d40826bf32cea96c131825bd4eca857276b0458e26de36a3`
Original file line number	Diff line number	Diff line change
`@@ -1732,6 +1732,7 @@ def saml2_attrib_map_format(dict):`
`1732`	`1732`	`"RHBA": "https://access.redhat.com/errata/",`
`1733`	`1733`	`"RHEA": "https://access.redhat.com/errata/",`
`1734`	`1734`	`"FEDORA": "https://bodhi.fedoraproject.org/updates/",`
	`1735`	`+ "ALSA": "https://osv.dev/vulnerability/", # e.g. https://osv.dev/vulnerability/ALSA-2024:0827`
`1735`	`1736`	`}`
`1736`	`1737`	`# List of acceptable file types that can be uploaded to a given object via arbitrary file upload`
`1737`	`1738`	`FILE_UPLOAD_TYPES = env("DD_FILE_UPLOAD_TYPES")`