diff --git a/.github/workflows/build-docker-images-for-testing.yml b/.github/workflows/build-docker-images-for-testing.yml index cd9c549494e..245b340ba36 100644 --- a/.github/workflows/build-docker-images-for-testing.yml +++ b/.github/workflows/build-docker-images-for-testing.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -28,14 +28,14 @@ jobs: run: echo "IMAGE_REPOSITORY=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 with: buildkitd-flags: --debug driver-opts: image=moby/buildkit:master # needed to get the fix for https://github.com/moby/buildkit/issues/2426 - name: Build id: docker_build - uses: docker/build-push-action@v6 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 timeout-minutes: 10 env: DOCKER_BUILD_CHECKS_ANNOTATIONS: false @@ -49,7 +49,7 @@ jobs: # export docker images to be used in next jobs below - name: Upload image ${{ matrix.docker-image }} as artifact timeout-minutes: 10 - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: built-docker-image-${{ matrix.docker-image }}-${{ matrix.os }} path: ${{ matrix.docker-image }}-${{ matrix.os }}_img diff --git a/.github/workflows/cancel-outdated-workflow-runs.yml b/.github/workflows/cancel-outdated-workflow-runs.yml index d9e0ec074ad..1f984efa2ea 100644 --- a/.github/workflows/cancel-outdated-workflow-runs.yml +++ b/.github/workflows/cancel-outdated-workflow-runs.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 3 steps: - - uses: styfle/cancel-workflow-action@0.12.1 + - uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # 0.12.1 with: workflow_id: 'integration-tests.yml,k8s-testing.yml,unit-tests.yml' access_token: ${{ github.token }} diff --git a/.github/workflows/detect-merge-conflicts.yaml b/.github/workflows/detect-merge-conflicts.yaml index 83041158702..934543cec4e 100644 --- a/.github/workflows/detect-merge-conflicts.yaml +++ b/.github/workflows/detect-merge-conflicts.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: check if prs are conflicted - uses: eps1lon/actions-label-merge-conflict@v3 + uses: eps1lon/actions-label-merge-conflict@1b1b1fcde06a9b3d089f3464c96417961dde1168 # v3.0.2 with: dirtyLabel: "conflicts-detected" repoToken: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/fetch-oas.yml b/.github/workflows/fetch-oas.yml index 5ec0aa9abad..cc5c499f22b 100644 --- a/.github/workflows/fetch-oas.yml +++ b/.github/workflows/fetch-oas.yml @@ -22,7 +22,7 @@ jobs: file-type: [yaml, json] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: release/${{ env.release_version }} @@ -51,7 +51,7 @@ jobs: run: docker compose down - name: Upload oas.${{ matrix.file-type }} as artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: oas-${{ matrix.file-type }} path: oas.${{ matrix.file-type }} diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 42f12417a39..888cd7eb3e4 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -13,18 +13,18 @@ jobs: runs-on: ubuntu-latest steps: - name: Setup Hugo - uses: peaceiris/actions-hugo@v3 + uses: peaceiris/actions-hugo@75d2e84710de30f6ff7268e08f310b60ef14033f # v3.0.0 with: hugo-version: '0.125.3' extended: true - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: '22.5.1' - name: Cache dependencies - uses: actions/cache@v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} @@ -32,14 +32,14 @@ jobs: ${{ runner.os }}-node- - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: recursive fetch-depth: 0 - name: Setup Pages id: pages - uses: actions/configure-pages@v4 + uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 - use this after https://github.com/DefectDojo/django-DefectDojo/pull/11329 - name: Install dependencies run: cd docs && npm ci @@ -51,7 +51,7 @@ jobs: run: cd docs && hugo --minify --gc --config config/production/hugo.toml - name: Deploy - uses: peaceiris/actions-gh-pages@v4 + uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 with: # publishes to the `gh-pages` branch by default github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ./docs/public diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index cd8d8072377..c60cb6f3403 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -41,11 +41,11 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # load docker images from build jobs - name: Load images from artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: built-docker-image pattern: built-docker-image-* diff --git a/.github/workflows/k8s-tests.yml b/.github/workflows/k8s-tests.yml index a4feb77273f..3f169002efb 100644 --- a/.github/workflows/k8s-tests.yml +++ b/.github/workflows/k8s-tests.yml @@ -32,10 +32,10 @@ jobs: os: debian steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Minikube - uses: manusa/actions-setup-minikube@v2.13.0 + uses: manusa/actions-setup-minikube@0e8062ceff873bd77979f39cf8fd3621416afe4d # v2.13.0 with: minikube version: 'v1.33.1' kubernetes version: ${{ matrix.k8s }} @@ -48,7 +48,7 @@ jobs: minikube status - name: Load images from artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: built-docker-image pattern: built-docker-image-* diff --git a/.github/workflows/plantuml.yml b/.github/workflows/plantuml.yml index 5fa308ffb41..6beb590899b 100644 --- a/.github/workflows/plantuml.yml +++ b/.github/workflows/plantuml.yml @@ -13,7 +13,7 @@ jobs: UML_FILES: ".puml" steps: - name: Checkout Source - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -33,7 +33,7 @@ jobs: with: args: -v -tpng ${{ steps.getfile.outputs.files }} - name: Push Local Changes - uses: stefanzweifel/git-auto-commit-action@v5.0.1 + uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 with: commit_user_name: "PlantUML_bot" commit_user_email: "noreply@defectdojo.org" diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index 34a31a0cab2..cde6795db05 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml @@ -15,7 +15,7 @@ jobs: name: "Autolabeler" runs-on: ubuntu-latest steps: - - uses: actions/labeler@v5 + - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" sync-labels: true diff --git a/.github/workflows/release-1-create-pr.yml b/.github/workflows/release-1-create-pr.yml index c93b1d0ee69..5b65c02ec93 100644 --- a/.github/workflows/release-1-create-pr.yml +++ b/.github/workflows/release-1-create-pr.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout from_branch branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.inputs.from_branch }} @@ -45,7 +45,7 @@ jobs: run: git push origin HEAD:${NEW_BRANCH} - name: Checkout release branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ env.NEW_BRANCH }} @@ -75,7 +75,7 @@ jobs: grep -H version helm/defectdojo/Chart.yaml - name: Push version changes - uses: stefanzweifel/git-auto-commit-action@v5.0.1 + uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 with: commit_user_name: "${{ env.GIT_USERNAME }}" commit_user_email: "${{ env.GIT_EMAIL }}" @@ -88,7 +88,7 @@ jobs: - name: Create Pull Request env: REPO_ORG: ${{ env.repoorg }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/release-2-tag-docker-push.yml b/.github/workflows/release-2-tag-docker-push.yml index f6f021fcaa9..bd06d3b920a 100644 --- a/.github/workflows/release-2-tag-docker-push.yml +++ b/.github/workflows/release-2-tag-docker-push.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: master diff --git a/.github/workflows/release-3-master-into-dev.yml b/.github/workflows/release-3-master-into-dev.yml index 012781f45e4..ede4cf33d37 100644 --- a/.github/workflows/release-3-master-into-dev.yml +++ b/.github/workflows/release-3-master-into-dev.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout master - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: master @@ -38,7 +38,7 @@ jobs: run: git push origin HEAD:${NEW_BRANCH} - name: Checkout new branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ env.NEW_BRANCH }} @@ -73,7 +73,7 @@ jobs: if: endsWith(github.event.inputs.release_number_new, '.0') && endsWith(github.event.inputs.release_number_dev, '.0-dev') - name: Push version changes - uses: stefanzweifel/git-auto-commit-action@v5.0.1 + uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 with: commit_user_name: "${{ env.GIT_USERNAME }}" commit_user_email: "${{ env.GIT_EMAIL }}" @@ -86,7 +86,7 @@ jobs: - name: Create Pull Request env: REPO_ORG: ${{ env.repoorg }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -103,7 +103,7 @@ jobs: steps: - name: Checkout master - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: master @@ -120,7 +120,7 @@ jobs: run: git push origin HEAD:${NEW_BRANCH} - name: Checkout new branch - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ env.NEW_BRANCH }} @@ -139,7 +139,7 @@ jobs: grep version components/package.json - name: Push version changes - uses: stefanzweifel/git-auto-commit-action@v5.0.1 + uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 with: commit_user_name: "${{ env.GIT_USERNAME }}" commit_user_email: "${{ env.GIT_EMAIL }}" @@ -152,7 +152,7 @@ jobs: - name: Create Pull Request env: REPO_ORG: ${{ env.repoorg }} - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 0e42769cd76..7802bfdc1b2 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Create Release id: create_release - uses: release-drafter/release-drafter@v6.0.0 + uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v6.0.0 with: version: ${{ github.event.inputs.version }} env: @@ -47,13 +47,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Load OAS files from artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: pattern: oas-* - name: Upload Release Asset - OpenAPI Specification - YAML id: upload-release-asset-yaml - uses: actions/upload-release-asset@v1 + uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -64,7 +64,7 @@ jobs: - name: Upload Release Asset - OpenAPI Specification - JSON id: upload-release-asset-json - uses: actions/upload-release-asset@v1 + uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/release-x-manual-docker-containers.yml b/.github/workflows/release-x-manual-docker-containers.yml index 6f8862b6216..bf0061c7e6e 100644 --- a/.github/workflows/release-x-manual-docker-containers.yml +++ b/.github/workflows/release-x-manual-docker-containers.yml @@ -32,13 +32,13 @@ jobs: platform: [amd64] steps: - name: Login to DockerHub - uses: docker/login-action@v3 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Checkout tag - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.inputs.release_number }} @@ -47,11 +47,11 @@ jobs: - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Build and push images with debian if: ${{ matrix.os == 'debian' }} - uses: docker/build-push-action@v6 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 env: DOCKER_BUILD_CHECKS_ANNOTATIONS: false REPO_ORG: ${{ env.repoorg }} @@ -64,7 +64,7 @@ jobs: - name: Build and push images with alpine if: ${{ matrix.os == 'alpine' }} - uses: docker/build-push-action@v6 + uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 env: DOCKER_BUILD_CHECKS_ANNOTATIONS: false REPO_ORG: ${{ env.repoorg }} diff --git a/.github/workflows/release-x-manual-helm-chart.yml b/.github/workflows/release-x-manual-helm-chart.yml index 560e809e843..27b7edab0ce 100644 --- a/.github/workflows/release-x-manual-helm-chart.yml +++ b/.github/workflows/release-x-manual-helm-chart.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: master fetch-depth: 0 @@ -56,7 +56,7 @@ jobs: helm dependency update ./helm/defectdojo - name: Add yq - uses: mikefarah/yq@master + uses: mikefarah/yq@4839dbbf80445070a31c7a9c1055da527db2d5ee # v4.44.6 - name: Pin version docker version id: pin_image @@ -73,7 +73,7 @@ jobs: echo "chart_version=$(ls build | cut -d '-' -f 2 | sed 's|\.tgz||')" >> $GITHUB_ENV - name: Create release ${{ github.event.inputs.release_number }} - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@7b4da11513bf3f43f9999e90eabced41ab8bb048 # v2.2.0 with: name: '${{ github.event.inputs.release_number }} 🌈' tag_name: ${{ github.event.inputs.release_number }} diff --git a/.github/workflows/release_drafter_valentijn.yml b/.github/workflows/release_drafter_valentijn.yml index 0ac52a0466a..7ce4c2813a6 100644 --- a/.github/workflows/release_drafter_valentijn.yml +++ b/.github/workflows/release_drafter_valentijn.yml @@ -20,7 +20,7 @@ jobs: update_release_draft: runs-on: ubuntu-latest steps: - - uses: valentijnscholten/release-drafter@master + - uses: valentijnscholten/release-drafter@master # TODO: not maintained anymore - missing part is maybe already solved in the upstream with: version: ${{github.event.inputs.version}} previous-version: ${{github.event.inputs.previous-version}} diff --git a/.github/workflows/rest-framework-tests.yml b/.github/workflows/rest-framework-tests.yml index bd8ca3322fa..63056587431 100644 --- a/.github/workflows/rest-framework-tests.yml +++ b/.github/workflows/rest-framework-tests.yml @@ -14,13 +14,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false # load docker images from build jobs - name: Load images from artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: built-docker-image pattern: built-docker-image-* diff --git a/.github/workflows/ruff.yml b/.github/workflows/ruff.yml index 04799cdd003..59652fa7332 100644 --- a/.github/workflows/ruff.yml +++ b/.github/workflows/ruff.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Ruff Linter run: pip install -r requirements-lint.txt diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 4a37d71b562..8657b48c68a 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Grab shellcheck run: | diff --git a/.github/workflows/test-helm-chart.yml b/.github/workflows/test-helm-chart.yml index 5bf20169328..75cf1186411 100644 --- a/.github/workflows/test-helm-chart.yml +++ b/.github/workflows/test-helm-chart.yml @@ -14,15 +14,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v4.2.0 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: 3.9 @@ -33,7 +33,7 @@ jobs: helm dependency update ./helm/defectdojo - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 + uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 with: yamale_version: 4.0.4 yamllint_version: 1.35.1 diff --git a/Dockerfile.nginx-alpine b/Dockerfile.nginx-alpine index 17abb7c3f82..9c266b9734a 100644 --- a/Dockerfile.nginx-alpine +++ b/Dockerfile.nginx-alpine @@ -140,7 +140,7 @@ COPY manage.py ./ COPY dojo/ ./dojo/ RUN env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && true -FROM nginx:1.27.2-alpine@sha256:74175cf34632e88c6cfe206897cbfe2d2fecf9bf033c40e7f9775a3689e8adc7 +FROM nginx:1.27.3-alpine@sha256:41523187cf7d7a2f2677a80609d9caa14388bf5c1fbca9c410ba3de602aaaab4 ARG uid=1001 ARG appuser=defectdojo COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/ diff --git a/Dockerfile.nginx-debian b/Dockerfile.nginx-debian index b062e28e10e..f55d77bfe8f 100644 --- a/Dockerfile.nginx-debian +++ b/Dockerfile.nginx-debian @@ -73,7 +73,7 @@ COPY dojo/ ./dojo/ RUN env DD_SECRET_KEY='.' python3 manage.py collectstatic --noinput && true -FROM nginx:1.27.2-alpine@sha256:74175cf34632e88c6cfe206897cbfe2d2fecf9bf033c40e7f9775a3689e8adc7 +FROM nginx:1.27.3-alpine@sha256:41523187cf7d7a2f2677a80609d9caa14388bf5c1fbca9c410ba3de602aaaab4 ARG uid=1001 ARG appuser=defectdojo COPY --from=collectstatic /app/static/ /usr/share/nginx/html/static/ diff --git a/components/package.json b/components/package.json index e037cef0533..a8d871e7356 100644 --- a/components/package.json +++ b/components/package.json @@ -1,6 +1,6 @@ { "name": "defectdojo", - "version": "2.41.4", + "version": "2.42.0", "license" : "BSD-3-Clause", "private": true, "dependencies": { @@ -35,7 +35,7 @@ "metismenu": "~3.0.7", "moment": "^2.30.1", "morris.js": "morrisjs/morris.js", - "pdfmake": "^0.2.15", + "pdfmake": "^0.2.17", "startbootstrap-sb-admin-2": "1.0.7" }, "engines": { diff --git a/components/yarn.lock b/components/yarn.lock index 26479c39938..b3615a80643 100644 --- a/components/yarn.lock +++ b/components/yarn.lock @@ -24,10 +24,10 @@ base64-js "1.3.1" unicode-trie "^2.0.0" -"@foliojs-fork/pdfkit@^0.15.1": - version "0.15.1" - resolved "https://registry.yarnpkg.com/@foliojs-fork/pdfkit/-/pdfkit-0.15.1.tgz#ecae3bcb7aad46b58e50493de593317f9b738074" - integrity sha512-4Cq2onHZAhThIfzv3/AFTPALqHzbmV8uNvgRELULWNbsZATgVeqEL4zHOzCyblLfX6tMXVO2BVaPcXboIxGjiw== +"@foliojs-fork/pdfkit@^0.15.2": + version "0.15.2" + resolved "https://registry.yarnpkg.com/@foliojs-fork/pdfkit/-/pdfkit-0.15.2.tgz#6dbe57ed45f1dc022d0219f3810071b9007e347e" + integrity sha512-Wpj6BH4DGn+zAWmCk9agdbAw3Zxt+MpemjssLfYdnretWpZ014uR6Zo51E4ftVP75UA8a7mtt4TiCu09lIKsBw== dependencies: "@foliojs-fork/fontkit" "^1.9.2" "@foliojs-fork/linebreak" "^1.1.1" @@ -503,13 +503,13 @@ pako@~1.0.2: resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.11.tgz#6c9599d340d54dfd3946380252a35705a6b992bf" integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw== -pdfmake@^0.2.15: - version "0.2.15" - resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.15.tgz#86bbc2c854e8a1cc98d4d6394b39dae00cc3a3b0" - integrity sha512-Ryef9mjxo6q8dthhbssAK0zwCsPZ6Pl7kCHnIEXOvQdd79LUGZD6SHGi21YryFXczPjvw6V009uxQwp5iritcA== +pdfmake@^0.2.17: + version "0.2.17" + resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.17.tgz#64beeb0b09c7e0ade39b6d4b379371818cea3da5" + integrity sha512-ODOp1T232yr/HGjdYCq888paBE7RDCflCOSRDUtR9CyfXneOmnMPZJl8dxP9zEXbKiv9vfk9Z/3eK2V2B/Wx/Q== dependencies: "@foliojs-fork/linebreak" "^1.1.2" - "@foliojs-fork/pdfkit" "^0.15.1" + "@foliojs-fork/pdfkit" "^0.15.2" iconv-lite "^0.6.3" xmldoc "^1.3.0" diff --git a/docker-compose.yml b/docker-compose.yml index aac7a98f7ba..c0cc991e6ca 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,6 +16,8 @@ services: - uwsgi environment: NGINX_METRICS_ENABLED: "${NGINX_METRICS_ENABLED:-false}" + DD_UWSGI_HOST: "${DD_UWSGI_HOST:-uwsgi}" + DD_UWSGI_PORT: "${DD_UWSGI_PORT:-3031}" volumes: - defectdojo_media:/usr/share/nginx/html/media ports: @@ -103,7 +105,7 @@ services: source: ./docker/extra_settings target: /app/docker/extra_settings postgres: - image: postgres:17.2-alpine@sha256:e7897baa70dae1968d23d785adb4aeb699175e0bcaae44f98a7083ecb9668b93 + image: postgres:17.2-alpine@sha256:d37d2c160d34430877c802e5adc22824a2ad453499db9bab1a2ceb2be6c1a46f environment: POSTGRES_DB: ${DD_DATABASE_NAME:-defectdojo} POSTGRES_USER: ${DD_DATABASE_USER:-defectdojo} diff --git a/docs/content/en/open_source/upgrading/2.36.md b/docs/content/en/open_source/upgrading/2.36.md index 0d61ff7d1c3..fd17e263ee2 100644 --- a/docs/content/en/open_source/upgrading/2.36.md +++ b/docs/content/en/open_source/upgrading/2.36.md @@ -6,7 +6,7 @@ description: Breaking Change for HELM deployments with PostgreSQL exclude_search: true --- -Previous HELM deployments (HELM chart `<=1.6.136`, DefectDojo `<=2.35.4`) used a pinned version of PostgreSQL in versions `11.x`. These are incompatible with Django in version `4.2` (used from DefectDojo version `3.36.0`; HELM chart `1.6.137`). Because of this, it is necessary to upgrade PostgreSQL to version `12.x` or higher. DefectDojo in version `3.36.1` (HELM chart `1.6.138`) uses this new version of PostgreSQL. +Previous HELM deployments (HELM chart `<=1.6.136`, DefectDojo `<=2.35.4`) used a pinned version of PostgreSQL in versions `11.x`. These are incompatible with Django in version `4.2` (used from DefectDojo version `2.36.0`; HELM chart `1.6.137`). Because of this, it is necessary to upgrade PostgreSQL to version `12.x` or higher. DefectDojo in version `2.36.1` (HELM chart `1.6.138`) uses this new version of PostgreSQL. Unfortunately, an upgrade of PostgreSQL is not enough because PostgreSQL does not support automatic migration of data structures in the filesystem. Because of this, migration is needed. There are different ways (many of them similar to migration between different database backends (e.g. from MySQL to PostgreSQL)). Please find inspiration and the best fitting way for you in: diff --git a/docs/content/en/open_source/upgrading/2.42.md b/docs/content/en/open_source/upgrading/2.42.md new file mode 100644 index 00000000000..c815a7794d3 --- /dev/null +++ b/docs/content/en/open_source/upgrading/2.42.md @@ -0,0 +1,7 @@ +--- +title: 'Upgrading to DefectDojo Version 2.42.x' +toc_hide: true +weight: -20241104 +description: No special instructions. +--- +There are no special instructions for upgrading to 2.42.x. Check the [Release Notes](https://github.com/DefectDojo/django-DefectDojo/releases/tag/2.42.0) for the contents of the release. diff --git a/docs/package-lock.json b/docs/package-lock.json index 254062bd28d..01229f0d6b9 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -1504,9 +1504,9 @@ } }, "node_modules/@esbuild/aix-ppc64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.24.0.tgz", - "integrity": "sha512-WtKdFM7ls47zkKHFVzMz8opM7LkcsIp9amDUBIAWirg70RM71WRSjdILPsY5Uv1D42ZpUfaPILDlfactHgsRkw==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.24.2.tgz", + "integrity": "sha512-thpVCb/rhxE/BnMLQ7GReQLLN8q9qbHmI55F4489/ByVg2aQaQ6kbcLb6FHkocZzQhxc4gx0sCk0tJkKBFzDhA==", "cpu": [ "ppc64" ], @@ -1521,9 +1521,9 @@ } }, "node_modules/@esbuild/android-arm": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.24.0.tgz", - "integrity": "sha512-arAtTPo76fJ/ICkXWetLCc9EwEHKaeya4vMrReVlEIUCAUncH7M4bhMQ+M9Vf+FFOZJdTNMXNBrWwW+OXWpSew==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.24.2.tgz", + "integrity": "sha512-tmwl4hJkCfNHwFB3nBa8z1Uy3ypZpxqxfTQOcHX+xRByyYgunVbZ9MzUUfb0RxaHIMnbHagwAxuTL+tnNM+1/Q==", "cpu": [ "arm" ], @@ -1538,9 +1538,9 @@ } }, "node_modules/@esbuild/android-arm64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.24.0.tgz", - "integrity": "sha512-Vsm497xFM7tTIPYK9bNTYJyF/lsP590Qc1WxJdlB6ljCbdZKU9SY8i7+Iin4kyhV/KV5J2rOKsBQbB77Ab7L/w==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.24.2.tgz", + "integrity": "sha512-cNLgeqCqV8WxfcTIOeL4OAtSmL8JjcN6m09XIgro1Wi7cF4t/THaWEa7eL5CMoMBdjoHOTh/vwTO/o2TRXIyzg==", "cpu": [ "arm64" ], @@ -1555,9 +1555,9 @@ } }, "node_modules/@esbuild/android-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.24.0.tgz", - "integrity": "sha512-t8GrvnFkiIY7pa7mMgJd7p8p8qqYIz1NYiAoKc75Zyv73L3DZW++oYMSHPRarcotTKuSs6m3hTOa5CKHaS02TQ==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.24.2.tgz", + "integrity": "sha512-B6Q0YQDqMx9D7rvIcsXfmJfvUYLoP722bgfBlO5cGvNVb5V/+Y7nhBE3mHV9OpxBf4eAS2S68KZztiPaWq4XYw==", "cpu": [ "x64" ], @@ -1572,9 +1572,9 @@ } }, "node_modules/@esbuild/darwin-arm64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.24.0.tgz", - "integrity": "sha512-CKyDpRbK1hXwv79soeTJNHb5EiG6ct3efd/FTPdzOWdbZZfGhpbcqIpiD0+vwmpu0wTIL97ZRPZu8vUt46nBSw==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.24.2.tgz", + "integrity": "sha512-kj3AnYWc+CekmZnS5IPu9D+HWtUI49hbnyqk0FLEJDbzCIQt7hg7ucF1SQAilhtYpIujfaHr6O0UHlzzSPdOeA==", "cpu": [ "arm64" ], @@ -1589,9 +1589,9 @@ } }, "node_modules/@esbuild/darwin-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.24.0.tgz", - "integrity": "sha512-rgtz6flkVkh58od4PwTRqxbKH9cOjaXCMZgWD905JOzjFKW+7EiUObfd/Kav+A6Gyud6WZk9w+xu6QLytdi2OA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.24.2.tgz", + "integrity": "sha512-WeSrmwwHaPkNR5H3yYfowhZcbriGqooyu3zI/3GGpF8AyUdsrrP0X6KumITGA9WOyiJavnGZUwPGvxvwfWPHIA==", "cpu": [ "x64" ], @@ -1606,9 +1606,9 @@ } }, "node_modules/@esbuild/freebsd-arm64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.24.0.tgz", - "integrity": "sha512-6Mtdq5nHggwfDNLAHkPlyLBpE5L6hwsuXZX8XNmHno9JuL2+bg2BX5tRkwjyfn6sKbxZTq68suOjgWqCicvPXA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.24.2.tgz", + "integrity": "sha512-UN8HXjtJ0k/Mj6a9+5u6+2eZ2ERD7Edt1Q9IZiB5UZAIdPnVKDoG7mdTVGhHJIeEml60JteamR3qhsr1r8gXvg==", "cpu": [ "arm64" ], @@ -1623,9 +1623,9 @@ } }, "node_modules/@esbuild/freebsd-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.24.0.tgz", - "integrity": "sha512-D3H+xh3/zphoX8ck4S2RxKR6gHlHDXXzOf6f/9dbFt/NRBDIE33+cVa49Kil4WUjxMGW0ZIYBYtaGCa2+OsQwQ==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.24.2.tgz", + "integrity": "sha512-TvW7wE/89PYW+IevEJXZ5sF6gJRDY/14hyIGFXdIucxCsbRmLUcjseQu1SyTko+2idmCw94TgyaEZi9HUSOe3Q==", "cpu": [ "x64" ], @@ -1640,9 +1640,9 @@ } }, "node_modules/@esbuild/linux-arm": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.24.0.tgz", - "integrity": "sha512-gJKIi2IjRo5G6Glxb8d3DzYXlxdEj2NlkixPsqePSZMhLudqPhtZ4BUrpIuTjJYXxvF9njql+vRjB2oaC9XpBw==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.24.2.tgz", + "integrity": "sha512-n0WRM/gWIdU29J57hJyUdIsk0WarGd6To0s+Y+LwvlC55wt+GT/OgkwoXCXvIue1i1sSNWblHEig00GBWiJgfA==", "cpu": [ "arm" ], @@ -1657,9 +1657,9 @@ } }, "node_modules/@esbuild/linux-arm64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.24.0.tgz", - "integrity": "sha512-TDijPXTOeE3eaMkRYpcy3LarIg13dS9wWHRdwYRnzlwlA370rNdZqbcp0WTyyV/k2zSxfko52+C7jU5F9Tfj1g==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.24.2.tgz", + "integrity": "sha512-7HnAD6074BW43YvvUmE/35Id9/NB7BeX5EoNkK9obndmZBUk8xmJJeU7DwmUeN7tkysslb2eSl6CTrYz6oEMQg==", "cpu": [ "arm64" ], @@ -1674,9 +1674,9 @@ } }, "node_modules/@esbuild/linux-ia32": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.24.0.tgz", - "integrity": "sha512-K40ip1LAcA0byL05TbCQ4yJ4swvnbzHscRmUilrmP9Am7//0UjPreh4lpYzvThT2Quw66MhjG//20mrufm40mA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.24.2.tgz", + "integrity": "sha512-sfv0tGPQhcZOgTKO3oBE9xpHuUqguHvSo4jl+wjnKwFpapx+vUDcawbwPNuBIAYdRAvIDBfZVvXprIj3HA+Ugw==", "cpu": [ "ia32" ], @@ -1691,9 +1691,9 @@ } }, "node_modules/@esbuild/linux-loong64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.24.0.tgz", - "integrity": "sha512-0mswrYP/9ai+CU0BzBfPMZ8RVm3RGAN/lmOMgW4aFUSOQBjA31UP8Mr6DDhWSuMwj7jaWOT0p0WoZ6jeHhrD7g==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.24.2.tgz", + "integrity": "sha512-CN9AZr8kEndGooS35ntToZLTQLHEjtVB5n7dl8ZcTZMonJ7CCfStrYhrzF97eAecqVbVJ7APOEe18RPI4KLhwQ==", "cpu": [ "loong64" ], @@ -1708,9 +1708,9 @@ } }, "node_modules/@esbuild/linux-mips64el": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.24.0.tgz", - "integrity": "sha512-hIKvXm0/3w/5+RDtCJeXqMZGkI2s4oMUGj3/jM0QzhgIASWrGO5/RlzAzm5nNh/awHE0A19h/CvHQe6FaBNrRA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.24.2.tgz", + "integrity": "sha512-iMkk7qr/wl3exJATwkISxI7kTcmHKE+BlymIAbHO8xanq/TjHaaVThFF6ipWzPHryoFsesNQJPE/3wFJw4+huw==", "cpu": [ "mips64el" ], @@ -1725,9 +1725,9 @@ } }, "node_modules/@esbuild/linux-ppc64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.24.0.tgz", - "integrity": "sha512-HcZh5BNq0aC52UoocJxaKORfFODWXZxtBaaZNuN3PUX3MoDsChsZqopzi5UupRhPHSEHotoiptqikjN/B77mYQ==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.24.2.tgz", + "integrity": "sha512-shsVrgCZ57Vr2L8mm39kO5PPIb+843FStGt7sGGoqiiWYconSxwTiuswC1VJZLCjNiMLAMh34jg4VSEQb+iEbw==", "cpu": [ "ppc64" ], @@ -1742,9 +1742,9 @@ } }, "node_modules/@esbuild/linux-riscv64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.24.0.tgz", - "integrity": "sha512-bEh7dMn/h3QxeR2KTy1DUszQjUrIHPZKyO6aN1X4BCnhfYhuQqedHaa5MxSQA/06j3GpiIlFGSsy1c7Gf9padw==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.24.2.tgz", + "integrity": "sha512-4eSFWnU9Hhd68fW16GD0TINewo1L6dRrB+oLNNbYyMUAeOD2yCK5KXGK1GH4qD/kT+bTEXjsyTCiJGHPZ3eM9Q==", "cpu": [ "riscv64" ], @@ -1759,9 +1759,9 @@ } }, "node_modules/@esbuild/linux-s390x": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.24.0.tgz", - "integrity": "sha512-ZcQ6+qRkw1UcZGPyrCiHHkmBaj9SiCD8Oqd556HldP+QlpUIe2Wgn3ehQGVoPOvZvtHm8HPx+bH20c9pvbkX3g==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.24.2.tgz", + "integrity": "sha512-S0Bh0A53b0YHL2XEXC20bHLuGMOhFDO6GN4b3YjRLK//Ep3ql3erpNcPlEFed93hsQAjAQDNsvcK+hV90FubSw==", "cpu": [ "s390x" ], @@ -1776,9 +1776,9 @@ } }, "node_modules/@esbuild/linux-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.24.0.tgz", - "integrity": "sha512-vbutsFqQ+foy3wSSbmjBXXIJ6PL3scghJoM8zCL142cGaZKAdCZHyf+Bpu/MmX9zT9Q0zFBVKb36Ma5Fzfa8xA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.24.2.tgz", + "integrity": "sha512-8Qi4nQcCTbLnK9WoMjdC9NiTG6/E38RNICU6sUNqK0QFxCYgoARqVqxdFmWkdonVsvGqWhmm7MO0jyTqLqwj0Q==", "cpu": [ "x64" ], @@ -1792,10 +1792,27 @@ "node": ">=18" } }, + "node_modules/@esbuild/netbsd-arm64": { + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.24.2.tgz", + "integrity": "sha512-wuLK/VztRRpMt9zyHSazyCVdCXlpHkKm34WUyinD2lzK07FAHTq0KQvZZlXikNWkDGoT6x3TD51jKQ7gMVpopw==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "netbsd" + ], + "engines": { + "node": ">=18" + } + }, "node_modules/@esbuild/netbsd-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.24.0.tgz", - "integrity": "sha512-hjQ0R/ulkO8fCYFsG0FZoH+pWgTTDreqpqY7UnQntnaKv95uP5iW3+dChxnx7C3trQQU40S+OgWhUVwCjVFLvg==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.24.2.tgz", + "integrity": "sha512-VefFaQUc4FMmJuAxmIHgUmfNiLXY438XrL4GDNV1Y1H/RW3qow68xTwjZKfj/+Plp9NANmzbH5R40Meudu8mmw==", "cpu": [ "x64" ], @@ -1810,9 +1827,9 @@ } }, "node_modules/@esbuild/openbsd-arm64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.24.0.tgz", - "integrity": "sha512-MD9uzzkPQbYehwcN583yx3Tu5M8EIoTD+tUgKF982WYL9Pf5rKy9ltgD0eUgs8pvKnmizxjXZyLt0z6DC3rRXg==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.24.2.tgz", + "integrity": "sha512-YQbi46SBct6iKnszhSvdluqDmxCJA+Pu280Av9WICNwQmMxV7nLRHZfjQzwbPs3jeWnuAhE9Jy0NrnJ12Oz+0A==", "cpu": [ "arm64" ], @@ -1827,9 +1844,9 @@ } }, "node_modules/@esbuild/openbsd-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.24.0.tgz", - "integrity": "sha512-4ir0aY1NGUhIC1hdoCzr1+5b43mw99uNwVzhIq1OY3QcEwPDO3B7WNXBzaKY5Nsf1+N11i1eOfFcq+D/gOS15Q==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.24.2.tgz", + "integrity": "sha512-+iDS6zpNM6EnJyWv0bMGLWSWeXGN/HTaF/LXHXHwejGsVi+ooqDfMCCTerNFxEkM3wYVcExkeGXNqshc9iMaOA==", "cpu": [ "x64" ], @@ -1844,9 +1861,9 @@ } }, "node_modules/@esbuild/sunos-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.24.0.tgz", - "integrity": "sha512-jVzdzsbM5xrotH+W5f1s+JtUy1UWgjU0Cf4wMvffTB8m6wP5/kx0KiaLHlbJO+dMgtxKV8RQ/JvtlFcdZ1zCPA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.24.2.tgz", + "integrity": "sha512-hTdsW27jcktEvpwNHJU4ZwWFGkz2zRJUz8pvddmXPtXDzVKTTINmlmga3ZzwcuMpUvLw7JkLy9QLKyGpD2Yxig==", "cpu": [ "x64" ], @@ -1861,9 +1878,9 @@ } }, "node_modules/@esbuild/win32-arm64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.24.0.tgz", - "integrity": "sha512-iKc8GAslzRpBytO2/aN3d2yb2z8XTVfNV0PjGlCxKo5SgWmNXx82I/Q3aG1tFfS+A2igVCY97TJ8tnYwpUWLCA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.24.2.tgz", + "integrity": "sha512-LihEQ2BBKVFLOC9ZItT9iFprsE9tqjDjnbulhHoFxYQtQfai7qfluVODIYxt1PgdoyQkz23+01rzwNwYfutxUQ==", "cpu": [ "arm64" ], @@ -1878,9 +1895,9 @@ } }, "node_modules/@esbuild/win32-ia32": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.24.0.tgz", - "integrity": "sha512-vQW36KZolfIudCcTnaTpmLQ24Ha1RjygBo39/aLkM2kmjkWmZGEJ5Gn9l5/7tzXA42QGIoWbICfg6KLLkIw6yw==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.24.2.tgz", + "integrity": "sha512-q+iGUwfs8tncmFC9pcnD5IvRHAzmbwQ3GPS5/ceCyHdjXubwQWI12MKWSNSMYLJMq23/IUCvJMS76PDqXe1fxA==", "cpu": [ "ia32" ], @@ -1895,9 +1912,9 @@ } }, "node_modules/@esbuild/win32-x64": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.24.0.tgz", - "integrity": "sha512-7IAFPrjSQIJrGsK6flwg7NFmwBoSTyF3rl7If0hNUFQU4ilTsEPL6GuMuU9BfIWVVGuRnuIidkSMC+c0Otu8IA==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.24.2.tgz", + "integrity": "sha512-7VTgWzgMGvup6aSqDPLiW5zHaxYJGTO4OokMjIlrCtf+VpEL+cXKtCvg723iguPYI5oaUNdS+/V7OU2gvXVWEg==", "cpu": [ "x64" ], @@ -2394,9 +2411,9 @@ } }, "node_modules/@tabler/icons": { - "version": "3.23.0", - "resolved": "https://registry.npmjs.org/@tabler/icons/-/icons-3.23.0.tgz", - "integrity": "sha512-Cz+X58jfRm0g/KcupXXuPw5knj671lNR054AnmLXvCjudiQBWI0wZulDDSsqDoGezvBzMTNPQtNcjLkZs82ZxQ==", + "version": "3.26.0", + "resolved": "https://registry.npmjs.org/@tabler/icons/-/icons-3.26.0.tgz", + "integrity": "sha512-oO3D4ss+DxzxqU1aDy0f1HmToyrO0gcQWIMpzHAfV1quPUx0BZYvNm5xz1DQb4DxNm/+xNvbBGLJy4pzTLYWag==", "license": "MIT", "funding": { "type": "github", @@ -2906,9 +2923,9 @@ "license": "MIT" }, "node_modules/esbuild": { - "version": "0.24.0", - "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.24.0.tgz", - "integrity": "sha512-FuLPevChGDshgSicjisSooU0cemp/sGXR841D5LHMB7mTVOmsEHcAxaH3irL53+8YDIeVNQEySh4DaYU/iuPqQ==", + "version": "0.24.2", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.24.2.tgz", + "integrity": "sha512-+9egpBW8I3CD5XPe0n6BfT5fxLzxrlDzqydF3aviG+9ni1lDC/OvMHcxqEFV0+LANZG5R1bFMWfUrjVsdwxJvA==", "dev": true, "hasInstallScript": true, "license": "MIT", @@ -2919,30 +2936,31 @@ "node": ">=18" }, "optionalDependencies": { - "@esbuild/aix-ppc64": "0.24.0", - "@esbuild/android-arm": "0.24.0", - "@esbuild/android-arm64": "0.24.0", - "@esbuild/android-x64": "0.24.0", - "@esbuild/darwin-arm64": "0.24.0", - "@esbuild/darwin-x64": "0.24.0", - "@esbuild/freebsd-arm64": "0.24.0", - "@esbuild/freebsd-x64": "0.24.0", - "@esbuild/linux-arm": "0.24.0", - "@esbuild/linux-arm64": "0.24.0", - "@esbuild/linux-ia32": "0.24.0", - "@esbuild/linux-loong64": "0.24.0", - "@esbuild/linux-mips64el": "0.24.0", - "@esbuild/linux-ppc64": "0.24.0", - "@esbuild/linux-riscv64": "0.24.0", - "@esbuild/linux-s390x": "0.24.0", - "@esbuild/linux-x64": "0.24.0", - "@esbuild/netbsd-x64": "0.24.0", - "@esbuild/openbsd-arm64": "0.24.0", - "@esbuild/openbsd-x64": "0.24.0", - "@esbuild/sunos-x64": "0.24.0", - "@esbuild/win32-arm64": "0.24.0", - "@esbuild/win32-ia32": "0.24.0", - "@esbuild/win32-x64": "0.24.0" + "@esbuild/aix-ppc64": "0.24.2", + "@esbuild/android-arm": "0.24.2", + "@esbuild/android-arm64": "0.24.2", + "@esbuild/android-x64": "0.24.2", + "@esbuild/darwin-arm64": "0.24.2", + "@esbuild/darwin-x64": "0.24.2", + "@esbuild/freebsd-arm64": "0.24.2", + "@esbuild/freebsd-x64": "0.24.2", + "@esbuild/linux-arm": "0.24.2", + "@esbuild/linux-arm64": "0.24.2", + "@esbuild/linux-ia32": "0.24.2", + "@esbuild/linux-loong64": "0.24.2", + "@esbuild/linux-mips64el": "0.24.2", + "@esbuild/linux-ppc64": "0.24.2", + "@esbuild/linux-riscv64": "0.24.2", + "@esbuild/linux-s390x": "0.24.2", + "@esbuild/linux-x64": "0.24.2", + "@esbuild/netbsd-arm64": "0.24.2", + "@esbuild/netbsd-x64": "0.24.2", + "@esbuild/openbsd-arm64": "0.24.2", + "@esbuild/openbsd-x64": "0.24.2", + "@esbuild/sunos-x64": "0.24.2", + "@esbuild/win32-arm64": "0.24.2", + "@esbuild/win32-ia32": "0.24.2", + "@esbuild/win32-x64": "0.24.2" } }, "node_modules/escalade": { @@ -3985,9 +4003,9 @@ "license": "MIT" }, "node_modules/prettier": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.1.tgz", - "integrity": "sha512-G+YdqtITVZmOJje6QkXQWzl3fSfMxFwm1tjTyo9exhkmWSqC4Yhd1+lug++IlR2mvRVAxEDDWYkQdeSztajqgg==", + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", + "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", "dev": true, "license": "MIT", "bin": { @@ -4699,13 +4717,13 @@ "license": "MIT" }, "node_modules/vite": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/vite/-/vite-6.0.1.tgz", - "integrity": "sha512-Ldn6gorLGr4mCdFnmeAOLweJxZ34HjKnDm4HGo6P66IEqTxQb36VEdFJQENKxWjupNfoIjvRUnswjn1hpYEpjQ==", + "version": "6.0.7", + "resolved": "https://registry.npmjs.org/vite/-/vite-6.0.7.tgz", + "integrity": "sha512-RDt8r/7qx9940f8FcOIAH9PTViRrghKaK2K1jY3RaAURrEUbm9Du1mJ72G+jlhtG3WwodnfzY8ORQZbBavZEAQ==", "dev": true, "license": "MIT", "dependencies": { - "esbuild": "^0.24.0", + "esbuild": "^0.24.2", "postcss": "^8.4.49", "rollup": "^4.23.0" }, diff --git a/dojo/__init__.py b/dojo/__init__.py index 5b3feec85aa..79dc67f72f9 100644 --- a/dojo/__init__.py +++ b/dojo/__init__.py @@ -4,6 +4,6 @@ # Django starts so that shared_task will use this app. from .celery import app as celery_app # noqa: F401 -__version__ = "2.41.4" +__version__ = "2.42.0" __url__ = "https://github.com/DefectDojo/django-DefectDojo" __docs__ = "https://documentation.defectdojo.com" diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py index 9ee4ce457a6..df700e6bf82 100644 --- a/dojo/api_v2/serializers.py +++ b/dojo/api_v2/serializers.py @@ -1,3 +1,4 @@ +import base64 import collections import json import logging @@ -45,6 +46,7 @@ Answer, Answered_Survey, App_Analysis, + BurpRawRequestResponse, Check_List, ChoiceAnswer, ChoiceQuestion, @@ -385,6 +387,46 @@ class BurpRawRequestResponseSerializer(serializers.Serializer): req_resp = RequestResponseSerializerField(required=True) +class BurpRawRequestResponseMultiSerializer(serializers.ModelSerializer): + burpRequestBase64 = serializers.CharField() + burpResponseBase64 = serializers.CharField() + + def to_representation(self, data): + return { + "id": data.id, + "finding": data.finding.id, + "burpRequestBase64": data.burpRequestBase64.decode("utf-8"), + "burpResponseBase64": data.burpResponseBase64.decode("utf-8"), + } + + def validate(self, data): + b64request = data.get("burpRequestBase64", None) + b64response = data.get("burpResponseBase64", None) + finding = data.get("finding", None) + # Make sure all fields are present + if not b64request or not b64response or not finding: + msg = "burpRequestBase64, burpResponseBase64, and finding are required." + raise ValidationError(msg) + # Verify we have true base64 decoding + try: + base64.b64decode(b64request, validate=True) + base64.b64decode(b64response, validate=True) + except Exception as e: + msg = "Inputs need to be valid base64 encodings" + raise ValidationError(msg) from e + # Encode the data in utf-8 to remove any bad characters + data["burpRequestBase64"] = b64request.encode("utf-8") + data["burpResponseBase64"] = b64response.encode("utf-8") + # Run the model validation - an ValidationError will be raised if there is an issue + BurpRawRequestResponse(finding=finding, burpRequestBase64=b64request, burpResponseBase64=b64response).clean() + + return data + + class Meta: + model = BurpRawRequestResponse + fields = "__all__" + + class MetaSerializer(serializers.ModelSerializer): product = serializers.PrimaryKeyRelatedField( queryset=Product.objects.all(), diff --git a/dojo/api_v2/views.py b/dojo/api_v2/views.py index 384fc91c973..90fe948b32c 100644 --- a/dojo/api_v2/views.py +++ b/dojo/api_v2/views.py @@ -60,6 +60,7 @@ ApiTestFilter, ReportFindingFilter, ReportFindingFilterWithoutObjectLookups, + TestImportAPIFilter, ) from dojo.finding.queries import ( get_authorized_findings, @@ -2259,17 +2260,9 @@ class TestImportViewSet( serializer_class = serializers.TestImportSerializer queryset = Test_Import.objects.none() filter_backends = (DjangoFilterBackend,) - filterset_fields = [ - "test", - "findings_affected", - "version", - "branch_tag", - "build_id", - "commit_hash", - "test_import_finding_action__action", - "test_import_finding_action__finding", - "test_import_finding_action__created", - ] + + filterset_class = TestImportAPIFilter + permission_classes = ( IsAuthenticated, permissions.UserHasTestImportPermission, @@ -2693,6 +2686,24 @@ def get_queryset(self): return Note_Type.objects.all().order_by("id") +class BurpRawRequestResponseViewSet( + DojoModelViewSet, +): + serializer_class = serializers.BurpRawRequestResponseMultiSerializer + queryset = BurpRawRequestResponse.objects.none() + filter_backends = (DjangoFilterBackend,) + filterset_fields = ["finding"] + + def get_queryset(self): + results = BurpRawRequestResponse.objects.all() + empty_value = b"" + results = results.exclude( + burpRequestBase64__exact=empty_value, + burpResponseBase64__exact=empty_value, + ) + return results.order_by("id") + + # Authorization: superuser class NotesViewSet( mixins.UpdateModelMixin, diff --git a/dojo/benchmark/views.py b/dojo/benchmark/views.py index 0d0c7174b96..611c690945d 100644 --- a/dojo/benchmark/views.py +++ b/dojo/benchmark/views.py @@ -1,4 +1,3 @@ -import contextlib import logging from crum import get_current_user @@ -37,9 +36,7 @@ def add_benchmark(queryset, product): benchmark_product.product = product benchmark_product.control = requirement requirements.append(benchmark_product) - - with contextlib.suppress(Exception): - Benchmark_Product.objects.bulk_create(requirements) + Benchmark_Product.objects.bulk_create(requirements) @user_is_authorized(Product, Permissions.Benchmark_Edit, "pid") diff --git a/dojo/cred/views.py b/dojo/cred/views.py index f8f7756e340..e79dc6c6b16 100644 --- a/dojo/cred/views.py +++ b/dojo/cred/views.py @@ -1,4 +1,3 @@ -import contextlib import logging from django.contrib import messages @@ -585,9 +584,7 @@ def new_cred_finding(request, fid): @user_is_authorized(Cred_User, Permissions.Credential_Delete, "ttid") def delete_cred_controller(request, destination_url, id, ttid): - cred = None - with contextlib.suppress(Exception): - cred = Cred_Mapping.objects.get(pk=ttid) + cred = Cred_Mapping.objects.filter(pk=ttid).first() if request.method == "POST": tform = CredMappingForm(request.POST, instance=cred) message = "" diff --git a/dojo/endpoint/utils.py b/dojo/endpoint/utils.py index 0d584ff6c6c..f5f01ee4e30 100644 --- a/dojo/endpoint/utils.py +++ b/dojo/endpoint/utils.py @@ -208,8 +208,8 @@ def err_log(message, html_log, endpoint_html_log, endpoint): to_be_deleted.update(ep_ids[1:]) if change: message = "Merging Endpoints {} into '{}'".format( - [f"{str(x)} (id={x.pk})" for x in ep[1:]], - f"{str(ep[0])} (id={ep[0].pk})") + [f"{x} (id={x.pk})" for x in ep[1:]], + f"{ep[0]} (id={ep[0].pk})") html_log.append(message) logger.info(message) Endpoint_Status_model.objects\ diff --git a/dojo/endpoint/views.py b/dojo/endpoint/views.py index f7807e9b5ad..bf85092a129 100644 --- a/dojo/endpoint/views.py +++ b/dojo/endpoint/views.py @@ -503,7 +503,7 @@ def import_endpoint_meta(request, pid): endpoint_meta_import(file, product, create_endpoints, create_tags, create_dojo_meta, origin="UI", request=request) except Exception as e: logger.exception(e) - add_error_message_to_response(f"An exception error occurred during the report import:{str(e)}") + add_error_message_to_response(f"An exception error occurred during the report import:{e}") return HttpResponseRedirect(reverse("endpoint") + "?product=" + pid) add_breadcrumb(title="Endpoint Meta Importer", top_level=False, request=request) diff --git a/dojo/filters.py b/dojo/filters.py index 6a1228865b1..b4c452c2fea 100644 --- a/dojo/filters.py +++ b/dojo/filters.py @@ -3212,6 +3212,7 @@ class Meta: exclude = ["users"] +# This class is used exclusively by Findings class TestImportFilter(DojoFilter): version = CharFilter(field_name="version", lookup_expr="icontains") version_exact = CharFilter(field_name="version", lookup_expr="iexact", label="Version Exact") @@ -3238,6 +3239,7 @@ class Meta: fields = [] +# This class is used exclusively by Findings class TestImportFindingActionFilter(DojoFilter): action = MultipleChoiceFilter(choices=IMPORT_ACTIONS) o = OrderingFilter( @@ -3252,6 +3254,35 @@ class Meta: fields = [] +# Used within the TestImport API +class TestImportAPIFilter(DojoFilter): + o = OrderingFilter( + # tuple-mapping retains order + fields=( + ("id", "id"), + ("created", "created"), + ("modified", "modified"), + ("version", "version"), + ("branch_tag", "branch_tag"), + ("build_id", "build_id"), + ("commit_hash", "commit_hash"), + + ), + ) + + class Meta: + model = Test_Import + fields = ["test", + "findings_affected", + "version", + "branch_tag", + "build_id", + "commit_hash", + "test_import_finding_action__action", + "test_import_finding_action__finding", + "test_import_finding_action__created"] + + class LogEntryFilter(DojoFilter): from auditlog.models import LogEntry diff --git a/dojo/finding/helper.py b/dojo/finding/helper.py index 4c1281d6653..66badd594dc 100644 --- a/dojo/finding/helper.py +++ b/dojo/finding/helper.py @@ -4,6 +4,7 @@ from django.conf import settings from django.db.models.query_utils import Q from django.db.models.signals import post_delete, pre_delete +from django.db.utils import IntegrityError from django.dispatch.dispatcher import receiver from django.utils import timezone from fieldsignals import pre_save_changed @@ -164,21 +165,22 @@ def create_finding_group(finds, finding_group_name): finding_group = Finding_Group(test=finds[0].test) finding_group.creator = get_current_user() - finding_group.name = finding_group_name + finding_group_name_dummy - finding_group.save() - available_findings = [find for find in finds if not find.finding_group_set.all()] - finding_group.findings.set(available_findings) - # if user provided a name, we use that, else: - # if we have components, we may set a nice name but catch 'name already exist' exceptions + if finding_group_name: + finding_group.name = finding_group_name + elif finding_group.components: + finding_group.name = finding_group.components try: - if finding_group_name: - finding_group.name = finding_group_name - elif finding_group.components: - finding_group.name = finding_group.components finding_group.save() - except: - pass + except IntegrityError as ie: + if "already exists" in str(ie): + finding_group.name = finding_group_name + finding_group_name_dummy + finding_group.save() + else: + raise + + available_findings = [find for find in finds if not find.finding_group_set.all()] + finding_group.findings.set(available_findings) added = len(available_findings) skipped = len(finds) - added diff --git a/dojo/finding/views.py b/dojo/finding/views.py index 18faed336b0..625cb090901 100644 --- a/dojo/finding/views.py +++ b/dojo/finding/views.py @@ -1438,25 +1438,7 @@ def reopen_finding(request, fid): status.save() # Clear the risk acceptance, if present ra_helper.risk_unaccept(request.user, finding) - - # Manage the jira status changes - push_to_jira = False - # Determine if the finding is in a group. if so, not push to jira - finding_in_group = finding.has_finding_group - # Check if there is a jira issue that needs to be updated - jira_issue_exists = finding.has_jira_issue or (finding.finding_group and finding.finding_group.has_jira_issue) - # Only push if the finding is not in a group - if jira_issue_exists: - # Determine if any automatic sync should occur - push_to_jira = jira_helper.is_push_all_issues(finding) \ - or jira_helper.get_jira_instance(finding).finding_jira_sync - # Save the finding - finding.save(push_to_jira=(push_to_jira and not finding_in_group)) - - # we only push the group after saving the finding to make sure - # the updated data of the finding is pushed as part of the group - if push_to_jira and finding_in_group: - jira_helper.push_to_jira(finding.finding_group) + jira_helper.save_and_push_to_jira(finding) reopen_external_issue(finding, "re-opened by defectdojo", "github") @@ -3010,7 +2992,7 @@ def finding_bulk_update_all(request, pid=None): success_count += 1 for error_message, error_count in error_counts.items(): - add_error_message_to_response("{error_count} finding groups could not be pushed to JIRA: {error_message}") + add_error_message_to_response(f"{error_count} finding groups could not be pushed to JIRA: {error_message}") if success_count > 0: add_success_message_to_response(f"{success_count} finding groups pushed to JIRA successfully") diff --git a/dojo/fixtures/dojo_testdata.json b/dojo/fixtures/dojo_testdata.json index ae550f8bf81..b35d570eaab 100644 --- a/dojo/fixtures/dojo_testdata.json +++ b/dojo/fixtures/dojo_testdata.json @@ -2158,8 +2158,8 @@ "fields": { "configuration_name": "Happy little JIRA 2", "url": "https://defectdojo.atlassian.net/", - "username": "YOUR USERNAME", - "password": "YOU API TOKEN", + "username": "[YOUR USERNAME]", + "password": "[YOUR API TOKEN]", "default_issue_type": "Task", "epic_name_id": 10011, "open_status_key": 11, @@ -2253,7 +2253,7 @@ "component": "", "enable_engagement_epic_mapping": true, "jira_instance": 2, - "project_key": "key1" + "project_key": "NTEST" } }, { diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py index 308331987a9..8aff8972401 100644 --- a/dojo/jira_link/helper.py +++ b/dojo/jira_link/helper.py @@ -785,7 +785,7 @@ def failure_to_add_message(message: str, exception: Exception, object: Any) -> b JIRAError.log_to_tempfile = False jira = get_jira_connection(jira_instance) except Exception as e: - message = f"The following jira instance could not be connected: {jira_instance} - {e.text}" + message = f"The following jira instance could not be connected: {jira_instance} - {e}" return failure_to_add_message(message, e, obj) # Set the list of labels to set on the jira issue labels = get_labels(obj) + get_tags(obj) @@ -793,6 +793,7 @@ def failure_to_add_message(message: str, exception: Exception, object: Any) -> b labels = list(dict.fromkeys(labels)) # de-dup # Determine what due date to set on the jira issue duedate = None + if System_Settings.objects.get().enable_finding_sla: duedate = obj.sla_deadline() # Set the fields that will compose the jira issue @@ -1104,6 +1105,7 @@ def get_issuetype_fields( issuetype_fields = None use_cloud_api = jira.deploymentType.lower() == "cloud" or jira._version < (9, 0, 0) + try: if use_cloud_api: try: @@ -1706,3 +1708,24 @@ def process_resolution_from_jira(finding, resolution_id, resolution_name, assign if status_changed: finding.save() return status_changed + + +def save_and_push_to_jira(finding): + # Manage the jira status changes + push_to_jira = False + # Determine if the finding is in a group. if so, not push to jira yet + finding_in_group = finding.has_finding_group + # Check if there is a jira issue that needs to be updated + jira_issue_exists = finding.has_jira_issue or (finding.finding_group and finding.finding_group.has_jira_issue) + # Only push if the finding is not in a group + if jira_issue_exists: + # Determine if any automatic sync should occur + push_to_jira = is_push_all_issues(finding) \ + or get_jira_instance(finding).finding_jira_sync + # Save the finding + finding.save(push_to_jira=(push_to_jira and not finding_in_group)) + + # we only push the group after saving the finding to make sure + # the updated data of the finding is pushed as part of the group + if push_to_jira and finding_in_group: + push_to_jira(finding.finding_group) diff --git a/dojo/jira_link/views.py b/dojo/jira_link/views.py index 84d33e6ffdd..372b48fbfbe 100644 --- a/dojo/jira_link/views.py +++ b/dojo/jira_link/views.py @@ -552,7 +552,7 @@ def post(self, request, tid=None): url=request.build_absolute_uri(reverse("jira"))) return HttpResponseRedirect(reverse("jira")) except Exception as e: - add_error_message_to_response(f"Unable to delete JIRA Instance, probably because it is used by JIRA Issues: {str(e)}") + add_error_message_to_response(f"Unable to delete JIRA Instance, probably because it is used by JIRA Issues: {e}") rels = ["Previewing the relationships has been disabled.", ""] display_preview = get_setting("DELETE_PREVIEW") diff --git a/dojo/management/commands/rename_mend_findings.py b/dojo/management/commands/rename_mend_findings.py index 1620e5ce93b..f99f35a8027 100644 --- a/dojo/management/commands/rename_mend_findings.py +++ b/dojo/management/commands/rename_mend_findings.py @@ -33,8 +33,8 @@ def rename_mend_finding(): logger.info("######## Updating Hashcodes - deduplication is done in the background upon finding save ########") for finding in findings: logger.info("Updating Mend Finding with id: %d", finding.id) - lib_name_begin = re.search("\\*\\*Library Filename\\*\\* : ", finding.description).span(0)[1] - lib_name_end = re.search("\\*\\*Library Description\\*\\*", finding.description).span(0)[0] + lib_name_begin = re.search(r"\*\*Library Filename\*\* : ", finding.description).span(0)[1] + lib_name_end = re.search(r"\*\*Library Description\*\*", finding.description).span(0)[0] lib_name = finding.description[lib_name_begin:lib_name_end - 1] if finding.cve is None: finding.title = "CVE-None | " + lib_name diff --git a/dojo/middleware.py b/dojo/middleware.py index 9fcb8a51dbc..239a2d92f4b 100644 --- a/dojo/middleware.py +++ b/dojo/middleware.py @@ -1,5 +1,6 @@ import logging import re +from contextlib import suppress from threading import local from urllib.parse import quote @@ -56,13 +57,10 @@ def __call__(self, request): if request.user.is_authenticated: logger.debug("Authenticated user: %s", str(request.user)) - try: + with suppress(ModuleNotFoundError): # to avoid unittests to fail uwsgi = __import__("uwsgi", globals(), locals(), ["set_logvar"], 0) # this populates dd_user log var, so can appear in the uwsgi logs uwsgi.set_logvar("dd_user", str(request.user)) - except: - # to avoid unittests to fail - pass path = request.path_info.lstrip("/") from dojo.models import Dojo_User if Dojo_User.force_password_reset(request.user) and path != "change_password": diff --git a/dojo/models.py b/dojo/models.py index fe48896daa6..99074a9cf3b 100644 --- a/dojo/models.py +++ b/dojo/models.py @@ -1619,7 +1619,7 @@ class Meta: ] def __str__(self): - return f"'{str(self.finding)}' on '{str(self.endpoint)}'" + return f"'{self.finding}' on '{self.endpoint}'" def copy(self, finding=None): copy = self diff --git a/dojo/pipeline.py b/dojo/pipeline.py index befabc0e836..91dc1500089 100644 --- a/dojo/pipeline.py +++ b/dojo/pipeline.py @@ -107,7 +107,7 @@ def update_azure_groups(backend, uid, user=None, social=None, *args, **kwargs): def is_group_id(group): - return bool(re.search("^[a-zA-Z0-9]{8,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{12,}$", group)) + return bool(re.search(r"^[a-zA-Z0-9]{8,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{4,}-[a-zA-Z0-9]{12,}$", group)) def assign_user_to_groups(user, group_names, social_provider): diff --git a/dojo/product/helpers.py b/dojo/product/helpers.py index 13c512c9c90..d8285cfb92b 100644 --- a/dojo/product/helpers.py +++ b/dojo/product/helpers.py @@ -54,5 +54,5 @@ def propagate_tags_on_product_sync(product): def propagate_tags_on_object_list(object_list): for obj in object_list: if obj and obj.id is not None: - logger.debug(f"\tPropagating tags to {str(type(obj))} - {str(obj)}") + logger.debug(f"\tPropagating tags to {type(obj)} - {obj}") obj.save() diff --git a/dojo/product/views.py b/dojo/product/views.py index 8c20b50627a..654169363dc 100644 --- a/dojo/product/views.py +++ b/dojo/product/views.py @@ -1,7 +1,6 @@ # # product import base64 import calendar as tcalendar -import contextlib import logging from collections import OrderedDict from datetime import date, datetime, timedelta @@ -958,8 +957,7 @@ def edit_product(request, pid): if get_system_setting("enable_github") and github_inst: gform = GITHUB_Product_Form(request.POST, instance=github_inst) - # need to handle delete - with contextlib.suppress(Exception): + if gform.is_valid(): gform.save() elif get_system_setting("enable_github"): gform = GITHUB_Product_Form(request.POST) diff --git a/dojo/product_type/views.py b/dojo/product_type/views.py index 8d731245ddc..e011ee4fb93 100644 --- a/dojo/product_type/views.py +++ b/dojo/product_type/views.py @@ -13,7 +13,7 @@ from dojo.authorization.authorization import user_has_permission from dojo.authorization.authorization_decorators import user_has_global_permission, user_is_authorized from dojo.authorization.roles_permissions import Permissions -from dojo.filters import ProductTypeFilter +from dojo.filters import ProductFilter, ProductFilterWithoutObjectLookups, ProductTypeFilter from dojo.forms import ( Add_Product_Type_GroupForm, Add_Product_Type_MemberForm, @@ -38,6 +38,7 @@ async_delete, get_page_items, get_setting, + get_system_setting, is_title_in_breadcrumbs, ) @@ -51,7 +52,6 @@ def product_type(request): - prod_types = get_authorized_product_types(Permissions.Product_Type_View) name_words = prod_types.values_list("name", flat=True) @@ -123,12 +123,17 @@ def view_product_type(request, ptid): groups = get_authorized_groups_for_product_type(pt, Permissions.Product_Type_View) global_groups = get_authorized_global_groups_for_product_type(pt, Permissions.Product_Type_View) products = get_authorized_products(Permissions.Product_View).filter(prod_type=pt) - products = get_page_items(request, products, 25) + filter_string_matching = get_system_setting("filter_string_matching", False) + filter_class = ProductFilterWithoutObjectLookups if filter_string_matching else ProductFilter + prod_filter = filter_class(request.GET, queryset=products, user=request.user) + products = get_page_items(request, prod_filter.qs, 25) + add_breadcrumb(title=page_name, top_level=False, request=request) return render(request, "dojo/view_product_type.html", { "name": page_name, "pt": pt, "products": products, + "prod_filter": prod_filter, "groups": groups, "members": members, "global_groups": global_groups, diff --git a/dojo/reports/views.py b/dojo/reports/views.py index f258db9db2f..061476efe1b 100644 --- a/dojo/reports/views.py +++ b/dojo/reports/views.py @@ -876,7 +876,7 @@ def get(self, request): num_endpoints = 0 for endpoint in finding.endpoints.all(): num_endpoints += 1 - endpoint_value += f"{str(endpoint)}; " + endpoint_value += f"{endpoint}; " endpoint_value = endpoint_value.removesuffix("; ") if len(endpoint_value) > EXCEL_CHAR_LIMIT: endpoint_value = endpoint_value[:EXCEL_CHAR_LIMIT - 3] + "..." @@ -889,7 +889,7 @@ def get(self, request): if num_vulnerability_ids > 5: vulnerability_ids_value += "..." break - vulnerability_ids_value += f"{str(vulnerability_id)}; " + vulnerability_ids_value += f"{vulnerability_id}; " if finding.cve and vulnerability_ids_value.find(finding.cve) < 0: vulnerability_ids_value += finding.cve vulnerability_ids_value = vulnerability_ids_value.removesuffix("; ") @@ -902,7 +902,7 @@ def get(self, request): if num_tags > 5: tags_value += "..." break - tags_value += f"{str(tag)}; " + tags_value += f"{tag}; " tags_value = tags_value.removesuffix("; ") fields.append(tags_value) @@ -1025,7 +1025,7 @@ def get(self, request): num_endpoints = 0 for endpoint in finding.endpoints.all(): num_endpoints += 1 - endpoint_value += f"{str(endpoint)}; \n" + endpoint_value += f"{endpoint}; \n" endpoint_value = endpoint_value.removesuffix("; \n") if len(endpoint_value) > EXCEL_CHAR_LIMIT: endpoint_value = endpoint_value[:EXCEL_CHAR_LIMIT - 3] + "..." @@ -1039,7 +1039,7 @@ def get(self, request): if num_vulnerability_ids > 5: vulnerability_ids_value += "..." break - vulnerability_ids_value += f"{str(vulnerability_id)}; \n" + vulnerability_ids_value += f"{vulnerability_id}; \n" if finding.cve and vulnerability_ids_value.find(finding.cve) < 0: vulnerability_ids_value += finding.cve vulnerability_ids_value = vulnerability_ids_value.removesuffix("; \n") @@ -1048,7 +1048,7 @@ def get(self, request): # tags tags_value = "" for tag in finding.tags.all(): - tags_value += f"{str(tag)}; \n" + tags_value += f"{tag}; \n" tags_value = tags_value.removesuffix("; \n") worksheet.cell(row=row_num, column=col_num, value=tags_value) col_num += 1 diff --git a/dojo/risk_acceptance/helper.py b/dojo/risk_acceptance/helper.py index 00897d134c3..a3d06a45490 100644 --- a/dojo/risk_acceptance/helper.py +++ b/dojo/risk_acceptance/helper.py @@ -22,23 +22,21 @@ def expire_now(risk_acceptance): reactivated_findings = [] if risk_acceptance.reactivate_expired: for finding in risk_acceptance.accepted_findings.all(): - if not finding.active: - logger.debug("%i:%s: unaccepting a.k.a reactivating finding.", finding.id, finding) - finding.active = True - finding.risk_accepted = False + if not finding.active: # not sure why this is important + logger.debug("%i:%s: unaccepting/reactivating finding.", finding.id, finding) + # Update any endpoint statuses on each of the findings update_endpoint_statuses(finding, accept_risk=False) + risk_unaccept(None, finding, post_comments=False) # comments will be posted at end if risk_acceptance.restart_sla_expired: finding.sla_start_date = timezone.now().date() + finding.save(dedupe_option=False) # resave if changed after risk_unaccept - finding.save(dedupe_option=False) reactivated_findings.append(finding) - # findings remain in this risk acceptance for reporting / metrics purposes else: logger.debug("%i:%s already active, no changes made.", finding.id, finding) - # best effort JIRA integration, no status changes post_jira_comments(risk_acceptance, risk_acceptance.accepted_findings.all(), expiration_message_creator) risk_acceptance.expiration_date = timezone.now() @@ -189,7 +187,7 @@ def expiration_handler(*args, **kwargs): product=risk_acceptance.engagement.product, url=reverse("view_risk_acceptance", args=(risk_acceptance.engagement.id, risk_acceptance.id))) - post_jira_comments(risk_acceptance, expiration_warning_message_creator, heads_up_days) + post_jira_comments(risk_acceptance, risk_acceptance.accepted_findings.all(), expiration_warning_message_creator, heads_up_days) risk_acceptance.expiration_date_warned = timezone.now() risk_acceptance.save() @@ -243,20 +241,22 @@ def unaccepted_message_creator(risk_acceptance, heads_up_days=0): def post_jira_comment(finding, message_factory, heads_up_days=0): - if not finding or not finding.has_jira_issue: + if not finding or (not finding.has_jira_issue and not finding.has_jira_group_issue): return - jira_project = jira_helper.get_jira_project(finding) if jira_project and jira_project.risk_acceptance_expiration_notification: jira_instance = jira_helper.get_jira_instance(finding) - if jira_instance: jira_comment = message_factory(None, heads_up_days) - logger.debug("Creating JIRA comment for something risk acceptance related") - jira_helper.add_simple_jira_comment(jira_instance, finding.jira_issue, jira_comment) + jira_issue = None + if finding.has_jira_issue: + jira_issue = finding.jira_issue + elif finding.has_jira_group_issue: + jira_issue = finding.finding_group.jira_issue + jira_helper.add_simple_jira_comment(jira_instance, jira_issue, jira_comment) def post_jira_comments(risk_acceptance, findings, message_factory, heads_up_days=0): @@ -270,11 +270,15 @@ def post_jira_comments(risk_acceptance, findings, message_factory, heads_up_days if jira_instance: jira_comment = message_factory(risk_acceptance, heads_up_days) - for finding in findings: + jira_issue = None if finding.has_jira_issue: - logger.debug("Creating JIRA comment for something risk acceptance related") - jira_helper.add_simple_jira_comment(jira_instance, finding.jira_issue, jira_comment) + jira_issue = finding.jira_issue + elif finding.has_jira_group_issue: + jira_issue = finding.finding_group.jira_issue + + if jira_issue: + jira_helper.add_simple_jira_comment(jira_instance, jira_issue, jira_comment) def get_expired_risk_acceptances_to_handle(): @@ -319,7 +323,7 @@ def simple_risk_accept(user: Dojo_User, finding: Finding, perform_save=True) -> )) -def risk_unaccept(user: Dojo_User, finding: Finding, perform_save=True) -> None: +def risk_unaccept(user: Dojo_User, finding: Finding, perform_save=True, post_comments=True) -> None: logger.debug("unaccepting finding %i:%s if it is currently risk accepted", finding.id, finding) if finding.risk_accepted: logger.debug("unaccepting finding %i:%s", finding.id, finding) @@ -336,7 +340,12 @@ def risk_unaccept(user: Dojo_User, finding: Finding, perform_save=True) -> None: # post_jira_comment might reload from database so see unaccepted finding. but the comment # only contains some text so that's ok - post_jira_comment(finding, unaccepted_message_creator) + if post_comments: + post_jira_comment(finding, unaccepted_message_creator) + + # Update the JIRA obect for this finding + jira_helper.save_and_push_to_jira(finding) + # Add a note to reflect that the finding was removed from the risk acceptance if user is not None: finding.notes.add(Notes.objects.create( diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index 06ec60e9202..4f72fa171ce 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -1774,6 +1774,7 @@ def saml2_attrib_map_format(dict): "KHV": "https://avd.aquasec.com/misconfig/kubernetes/", # e.g. https://avd.aquasec.com/misconfig/kubernetes/khv045 "CAPEC": "https://capec.mitre.org/data/definitions/&&.html", # e.g. https://capec.mitre.org/data/definitions/157.html "CWE": "https://cwe.mitre.org/data/definitions/&&.html", # e.g. https://cwe.mitre.org/data/definitions/79.html + "GLSA": "https://security.gentoo.org/", # e.g. https://security.gentoo.org/glsa/202409-32 "RLSA": "https://errata.rockylinux.org/", # e.g. https://errata.rockylinux.org/RLSA-2024:7001 "RLBA": "https://errata.rockylinux.org/", # e.g. https://errata.rockylinux.org/RLBA-2024:6968 "CGA": "https://images.chainguard.dev/security/", # e.g. https://images.chainguard.dev/security/CGA-24pq-h5fw-43v3 diff --git a/dojo/templates/dojo/view_product_type.html b/dojo/templates/dojo/view_product_type.html index 70e5058350a..4cff7efa44f 100644 --- a/dojo/templates/dojo/view_product_type.html +++ b/dojo/templates/dojo/view_product_type.html @@ -54,24 +54,28 @@

{% trans "Description" %}

{% trans "Products" %}

- {% if pt|has_object_permission:"Product_Type_Add_Product" %}
- - + + {% if pt|has_object_permission:"Product_Type_Add_Product" %} + + + {% endif %}
- {% endif %}
+
+ {% include "dojo/filter_snippet.html" with form=prod_filter.form %} +
{% if products %}
{% include "dojo/paging_snippet.html" with page=products page_size=True %} @@ -325,3 +329,6 @@

{% endblock %} +{% block postscript %} + {% include "dojo/filter_js_snippet.html" %} +{% endblock %} \ No newline at end of file diff --git a/dojo/templatetags/display_tags.py b/dojo/templatetags/display_tags.py index df0ed46f538..94bcf80d6e5 100644 --- a/dojo/templatetags/display_tags.py +++ b/dojo/templatetags/display_tags.py @@ -431,13 +431,12 @@ def pic_token(context, image, size): @register.filter def inline_image(image_file): - try: - if img_type := mimetypes.guess_type(image_file.file.name)[0]: - if img_type.startswith("image/"): - img_data = base64.b64encode(image_file.file.read()) - return f"data:{img_type};base64, {img_data.decode('utf-8')}" - except: - pass + # TODO: This code might need better exception handling or data processing + if img_types := mimetypes.guess_type(image_file.file.name): + img_type = img_types[0] + if img_type.startswith("image/"): + img_data = base64.b64encode(image_file.file.read()) + return f"data:{img_type};base64, {img_data.decode('utf-8')}" return "" @@ -777,6 +776,8 @@ def vulnerability_url(vulnerability_id): for key in settings.VULNERABILITY_URLS: if vulnerability_id.upper().startswith(key): + if key == "GLSA": + return settings.VULNERABILITY_URLS[key] + str(vulnerability_id.replace("GLSA-", "glsa/")) if key in ["AVD", "KHV", "C-"]: return settings.VULNERABILITY_URLS[key] + str(vulnerability_id.lower()) if "&&" in settings.VULNERABILITY_URLS[key]: diff --git a/dojo/tools/api_bugcrowd/importer.py b/dojo/tools/api_bugcrowd/importer.py index e47dba8a409..d83d1edf3cd 100644 --- a/dojo/tools/api_bugcrowd/importer.py +++ b/dojo/tools/api_bugcrowd/importer.py @@ -16,7 +16,7 @@ class BugcrowdApiImporter: def get_findings(self, test): client, config = self.prepare_client(test) logger.debug( - f"Fetching submissions program {str(config.service_key_1)} and target {str(config.service_key_2)}", + f"Fetching submissions program {config.service_key_1} and target {config.service_key_2}", ) submissions_paged = client.get_findings( diff --git a/dojo/tools/api_bugcrowd/parser.py b/dojo/tools/api_bugcrowd/parser.py index da06880fd27..1bb5a28bd37 100644 --- a/dojo/tools/api_bugcrowd/parser.py +++ b/dojo/tools/api_bugcrowd/parser.py @@ -155,7 +155,7 @@ def get_findings(self, file, test): finding.unsaved_endpoints = [bug_endpoint] except Exception as e: logger.error( - f"{str(bug_endpoint)} bug url from bugcrowd failed to parse to endpoint, error= {e}", + f"{bug_endpoint} bug url from bugcrowd failed to parse to endpoint, error= {e}", ) except ValidationError: logger.error( diff --git a/dojo/tools/appcheck_web_application_scanner/engines/base.py b/dojo/tools/appcheck_web_application_scanner/engines/base.py index e07433c2946..84523b90435 100644 --- a/dojo/tools/appcheck_web_application_scanner/engines/base.py +++ b/dojo/tools/appcheck_web_application_scanner/engines/base.py @@ -205,7 +205,7 @@ def parse_initial_date(self, finding: Finding, value: str) -> None: ##### # For parsing CVEs ##### - CVE_PATTERN = re.compile("CVE-[0-9]+-[0-9]+", re.IGNORECASE) + CVE_PATTERN = re.compile(r"CVE-[0-9]+-[0-9]+", re.IGNORECASE) def is_cve(self, c: str) -> bool: return bool(c and isinstance(c, str) and self.CVE_PATTERN.fullmatch(c)) diff --git a/dojo/tools/blackduck/parser.py b/dojo/tools/blackduck/parser.py index a6a127fcdb3..30954bc8d87 100644 --- a/dojo/tools/blackduck/parser.py +++ b/dojo/tools/blackduck/parser.py @@ -89,10 +89,10 @@ def format_title(self, i): return f"{i.vuln_id} - {component_title}" def format_description(self, i): - description = f"Published on: {str(i.published_date)}\n\n" - description += f"Updated on: {str(i.updated_date)}\n\n" - description += f"Base score: {str(i.base_score)}\n\n" - description += f"Exploitability: {str(i.exploitability)}\n\n" + description = f"Published on: {i.published_date}\n\n" + description += f"Updated on: {i.updated_date}\n\n" + description += f"Base score: {i.base_score}\n\n" + description += f"Exploitability: {i.exploitability}\n\n" description += f"Description: {i.description}\n" return description diff --git a/dojo/tools/blackduck_binary_analysis/parser.py b/dojo/tools/blackduck_binary_analysis/parser.py index 77f9647fc6f..b0ccd0b9642 100644 --- a/dojo/tools/blackduck_binary_analysis/parser.py +++ b/dojo/tools/blackduck_binary_analysis/parser.py @@ -115,30 +115,30 @@ def format_title(self, i): return title def format_description(self, i): - description = f"CSV Result: {str(i.report_name)}\n" - description += f"Vulnerable Component: {str(i.component)}\n" - description += f"Vulnerable Component Version in Use: {str(i.version)}\n" - description += f"Vulnerable Component Latest Version: {str(i.latest_version)}\n" - description += f"Matching Type: {str(i.matching_type)}\n" - description += f"Object Name: {str(i.object_name)}\n" - description += f"Object Extraction Path: {str(i.object_full_path)}\n" - description += f"Object Compilation Date: {str(i.object_compilation_date)}\n" - description += f"Object SHA1: {str(i.object_sha1)}\n" - description += f"CVE: {str(i.cve)}\n" - description += f"CVE Publication Date: {str(i.cve_publication_date)}\n" - description += f"Distribution Package: {str(i.distribution_package)}\n" - description += f"Missing Exploit Mitigations: {str(i.missing_exploit_mitigations)}\n" - description += f"BDSA: {str(i.bdsa)}\n" - description += f"Summary:\n{str(i.summary)}\n" - description += f"Note Type:\n{str(i.note_type)}\n" - description += f"Note Reason:\n{str(i.note_reason)}\n" - description += f"Triage Vectors:\n{str(i.triage_vectors)}\n" - description += f"Unresolving Triage Vectors:\n{str(i.triage_vectors)}\n" + description = f"CSV Result: {i.report_name}\n" + description += f"Vulnerable Component: {i.component}\n" + description += f"Vulnerable Component Version in Use: {i.version}\n" + description += f"Vulnerable Component Latest Version: {i.latest_version}\n" + description += f"Matching Type: {i.matching_type}\n" + description += f"Object Name: {i.object_name}\n" + description += f"Object Extraction Path: {i.object_full_path}\n" + description += f"Object Compilation Date: {i.object_compilation_date}\n" + description += f"Object SHA1: {i.object_sha1}\n" + description += f"CVE: {i.cve}\n" + description += f"CVE Publication Date: {i.cve_publication_date}\n" + description += f"Distribution Package: {i.distribution_package}\n" + description += f"Missing Exploit Mitigations: {i.missing_exploit_mitigations}\n" + description += f"BDSA: {i.bdsa}\n" + description += f"Summary:\n{i.summary}\n" + description += f"Note Type:\n{i.note_type}\n" + description += f"Note Reason:\n{i.note_reason}\n" + description += f"Triage Vectors:\n{i.triage_vectors}\n" + description += f"Unresolving Triage Vectors:\n{i.triage_vectors}\n" return description def format_mitigation(self, i): - return f"Upgrade {str(i.component)} to latest version: {str(i.latest_version)}.\n" + return f"Upgrade {i.component} to latest version: {i.latest_version}.\n" def format_impact(self, i): impact = "The use of vulnerable third-party open source software in applications can have numerous negative impacts:\n\n" @@ -150,7 +150,7 @@ def format_impact(self, i): return impact def format_references(self, i): - references = f"BDSA: {str(i.bdsa)}\n" - references += f"NIST CVE Details: {str(i.vulnerability_url)}\n" + references = f"BDSA: {i.bdsa}\n" + references += f"NIST CVE Details: {i.vulnerability_url}\n" return references diff --git a/dojo/tools/burp_enterprise/parser.py b/dojo/tools/burp_enterprise/parser.py index 052d8a80f84..58b2a5a6ea6 100644 --- a/dojo/tools/burp_enterprise/parser.py +++ b/dojo/tools/burp_enterprise/parser.py @@ -162,7 +162,7 @@ def _set_or_append_content(self, finding_details: dict, header: str, div_element cleaned_item = item.split(":")[0] if ( finding_details["cwe"] is None - and (cwe_search := re.search("CWE-([0-9]*)", cleaned_item, re.IGNORECASE)) + and (cwe_search := re.search(r"CWE-([0-9]*)", cleaned_item, re.IGNORECASE)) ): finding_details["cwe"] = int(cwe_search.group(1)) if "vulnerability_ids" not in finding_details: diff --git a/dojo/tools/burp_graphql/parser.py b/dojo/tools/burp_graphql/parser.py index 9b37760e2a8..11df852dc54 100644 --- a/dojo/tools/burp_graphql/parser.py +++ b/dojo/tools/burp_graphql/parser.py @@ -219,7 +219,7 @@ def parse_evidence(self, evidence): def get_cwe(self, cwe_html): # Match only the first CWE! - cweSearch = re.search("CWE-([0-9]*)", cwe_html, re.IGNORECASE) + cweSearch = re.search(r"CWE-([0-9]*)", cwe_html, re.IGNORECASE) if cweSearch: return cweSearch.group(1) return 0 diff --git a/dojo/tools/crashtest_security/parser.py b/dojo/tools/crashtest_security/parser.py index deedb916b81..a12c194723a 100644 --- a/dojo/tools/crashtest_security/parser.py +++ b/dojo/tools/crashtest_security/parser.py @@ -185,7 +185,7 @@ def get_items(self, tree, test): title = re.sub(r" \([0-9]*\)$", "", title) # Attache CVEs - vulnerability_id = re.findall("CVE-\\d{4}-\\d{4,10}", title)[0] if "CVE" in title else None + vulnerability_id = re.findall(r"CVE-\d{4}-\d{4,10}", title)[0] if "CVE" in title else None description = failure.get("message") severity = failure.get("type").capitalize() diff --git a/dojo/tools/cyclonedx/xml_parser.py b/dojo/tools/cyclonedx/xml_parser.py index 70682c0c6a8..55aa4995356 100644 --- a/dojo/tools/cyclonedx/xml_parser.py +++ b/dojo/tools/cyclonedx/xml_parser.py @@ -104,7 +104,7 @@ def manage_vulnerability_legacy( [ f"**Ref:** {ref}", f"**Id:** {vuln_id}", - f"**Severity:** {str(severity)}", + f"**Severity:** {severity}", ], ) if component_name is None: diff --git a/dojo/tools/factory.py b/dojo/tools/factory.py index 04930321c50..b69fea12ac0 100644 --- a/dojo/tools/factory.py +++ b/dojo/tools/factory.py @@ -115,7 +115,7 @@ def requires_tool_type(scan_type): # iterate through the modules in the current package package_dir = str(Path(__file__).resolve().parent) -for module_name in os.listdir(package_dir): +for module_name in os.listdir(package_dir): # noqa: PTH208 # check if it's dir if Path(os.path.join(package_dir, module_name)).is_dir(): try: diff --git a/dojo/tools/gitlab_api_fuzzing/parser.py b/dojo/tools/gitlab_api_fuzzing/parser.py index c536dc00205..1095d21a657 100644 --- a/dojo/tools/gitlab_api_fuzzing/parser.py +++ b/dojo/tools/gitlab_api_fuzzing/parser.py @@ -28,12 +28,11 @@ def get_findings(self, file, test): title = vulnerability["name"] severity = self.normalise_severity(vulnerability["severity"]) description = vulnerability.get("category", "") - try: - location = vulnerability["location"] - description += "\n" + location["crash_type"] - description += "\n" + location["crash_state"] - except: - pass + if location := vulnerability.get("location"): + if crash_type := location.get("crash_type"): + description += f"\n{crash_type}" + if crash_state := location.get("crash_state"): + description += f"\n{crash_state}" findings.append( Finding( title=title, diff --git a/dojo/tools/gosec/parser.py b/dojo/tools/gosec/parser.py index 20ccbcae062..d7e32f46a85 100644 --- a/dojo/tools/gosec/parser.py +++ b/dojo/tools/gosec/parser.py @@ -34,7 +34,7 @@ def get_findings(self, filename, test): # Finding details information findingdetail += f"Filename: {filename}\n\n" - findingdetail += f"Line number: {str(line)}\n\n" + findingdetail += f"Line number: {line}\n\n" findingdetail += f"Issue Confidence: {scanner_confidence}\n\n" findingdetail += "Code:\n\n" findingdetail += "```{}```".format(item["code"]) diff --git a/dojo/tools/h1/parser.py b/dojo/tools/h1/parser.py index 62072f5eb27..772700f3176 100644 --- a/dojo/tools/h1/parser.py +++ b/dojo/tools/h1/parser.py @@ -118,11 +118,8 @@ def build_description(self, content): description += f"Triaged: {triaged_date}\n" # Try to grab CVSS - try: - cvss = content["relationships"]["severity"]["data"]["attributes"]["score"] + if cvss := content.get("relationships", {}).get("severity", {}).get("data", {}).get("attributes", {}).get("score"): description += f"CVSS: {cvss}\n" - except Exception: - pass # Build rest of description meat description += "##Report: \n{}\n".format( @@ -130,12 +127,9 @@ def build_description(self, content): ) # Try to grab weakness if it's there - try: - weakness_title = content["relationships"]["weakness"]["data"]["attributes"]["name"] - weakness_desc = content["relationships"]["weakness"]["data"]["attributes"]["description"] - description += f"\n##Weakness: {weakness_title}\n{weakness_desc}" - except Exception: - pass + if weakness_title := content.get("relationships", {}).get("weakness", {}).get("data", {}).get("attributes", {}).get("name"): + if weakness_desc := content.get("relationships", {}).get("weakness", {}).get("data", {}).get("attributes", {}).get("description"): + description += f"\n##Weakness: {weakness_title}\n{weakness_desc}" return description diff --git a/dojo/tools/kiuwan/parser.py b/dojo/tools/kiuwan/parser.py index 34601b05aae..1caeb78c803 100644 --- a/dojo/tools/kiuwan/parser.py +++ b/dojo/tools/kiuwan/parser.py @@ -1,4 +1,3 @@ -import contextlib import csv import hashlib import io @@ -105,8 +104,9 @@ def get_findings(self, filename, test): finding.mitigation = "Not provided!" finding.severity = findingdict["severity"] finding.static_finding = True - with contextlib.suppress(Exception): - finding.cwe = int(row["CWE"]) + if cwe := row.get("CWE"): + if cwe.isdigit(): + finding.cwe = int(cwe) if finding is not None: if finding.title is None: diff --git a/dojo/tools/microfocus_webinspect/parser.py b/dojo/tools/microfocus_webinspect/parser.py index bf4475580d0..df1b4f84bac 100644 --- a/dojo/tools/microfocus_webinspect/parser.py +++ b/dojo/tools/microfocus_webinspect/parser.py @@ -111,7 +111,7 @@ def convert_severity(val): @staticmethod def get_cwe(val): # Match only the first CWE! - cweSearch = re.search("CWE-(\\d+)", val, re.IGNORECASE) + cweSearch = re.search(r"CWE-(\d+)", val, re.IGNORECASE) if cweSearch: return int(cweSearch.group(1)) return 0 diff --git a/dojo/tools/nexpose/parser.py b/dojo/tools/nexpose/parser.py index d6b63c66c8a..08916d42901 100644 --- a/dojo/tools/nexpose/parser.py +++ b/dojo/tools/nexpose/parser.py @@ -265,7 +265,7 @@ def get_items(self, tree, vulns, test): "severity": "Info", "tags": [ re.sub( - "[^A-Za-z0-9]+", + r"[^A-Za-z0-9]+", "-", service.get("name").lower(), ).rstrip("-"), diff --git a/dojo/tools/npm_audit/parser.py b/dojo/tools/npm_audit/parser.py index 6296477a971..186f133e6ab 100644 --- a/dojo/tools/npm_audit/parser.py +++ b/dojo/tools/npm_audit/parser.py @@ -66,7 +66,7 @@ def censor_path_hashes(path): if not path: return None - return re.sub("[a-f0-9]{64}", "censored_by_npm_audit", path) + return re.sub(r"[a-f0-9]{64}", "censored_by_npm_audit", path) def get_item(item_node, test): diff --git a/dojo/tools/qualys_webapp/parser.py b/dojo/tools/qualys_webapp/parser.py index 825d55b531a..989e5ba48cd 100644 --- a/dojo/tools/qualys_webapp/parser.py +++ b/dojo/tools/qualys_webapp/parser.py @@ -34,7 +34,7 @@ def truncate_str(value: str, maxlen: int): # Parse 'CWE-XXXX' format to strip just the numbers def get_cwe(cwe): - cweSearch = re.search("CWE-([0-9]*)", cwe, re.IGNORECASE) + cweSearch = re.search(r"CWE-([0-9]*)", cwe, re.IGNORECASE) if cweSearch: return cweSearch.group(1) return 0 diff --git a/dojo/tools/sarif/parser.py b/dojo/tools/sarif/parser.py index aa3d878ffb4..4c539583564 100644 --- a/dojo/tools/sarif/parser.py +++ b/dojo/tools/sarif/parser.py @@ -156,7 +156,7 @@ def get_message_from_multiformatMessageString(data, rule): def cve_try(val): # Match only the first CVE! - cveSearch = re.search("(CVE-[0-9]+-[0-9]+)", val, re.IGNORECASE) + cveSearch = re.search(r"(CVE-[0-9]+-[0-9]+)", val, re.IGNORECASE) if cveSearch: return cveSearch.group(1).upper() return None @@ -241,10 +241,10 @@ def get_codeFlowsDescription(codeFlows): snippet = "" if "startLine" in region: - start_line = f":L{str(region.get('startLine'))}" + start_line = f":L{region.get('startLine')}" if "startColumn" in region: - start_column = f":C{str(region.get('startColumn'))}" + start_column = f":C{region.get('startColumn')}" if "snippet" in region: snippet = f"\t-\t{region.get('snippet').get('text')}" diff --git a/dojo/tools/sonarqube/soprasteria_helper.py b/dojo/tools/sonarqube/soprasteria_helper.py index 2e7259e6376..63b59607e6a 100644 --- a/dojo/tools/sonarqube/soprasteria_helper.py +++ b/dojo/tools/sonarqube/soprasteria_helper.py @@ -41,7 +41,7 @@ def get_references(self, rule_name, vuln_details): def get_cwe(self, vuln_references): # Match only the first CWE! - cweSearch = re.search("CWE-([0-9]*)", vuln_references, re.IGNORECASE) + cweSearch = re.search(r"CWE-([0-9]*)", vuln_references, re.IGNORECASE) if cweSearch: return cweSearch.group(1) return 0 diff --git a/dojo/tools/tenable/xml_format.py b/dojo/tools/tenable/xml_format.py index ae63151ec5a..045a17e0c37 100644 --- a/dojo/tools/tenable/xml_format.py +++ b/dojo/tools/tenable/xml_format.py @@ -112,8 +112,8 @@ def get_findings(self, filename: str, test: Test) -> list: item.find("plugin_output"), ) if plugin_output_element_text is not None: - plugin_output = f"Plugin Output: {ip}{str(f':{port}' if port is not None else '')}" - plugin_output += f"\n```\n{str(plugin_output_element_text)}\n```\n\n" + plugin_output = f"Plugin Output: {ip}{f':{port}' if port is not None else ''}" + plugin_output += f"\n```\n{plugin_output_element_text}\n```\n\n" description += plugin_output # Determine the severity diff --git a/dojo/tools/trivy_operator/uniform_vulnid.py b/dojo/tools/trivy_operator/uniform_vulnid.py index b3aae5055e4..b03ef9acbed 100644 --- a/dojo/tools/trivy_operator/uniform_vulnid.py +++ b/dojo/tools/trivy_operator/uniform_vulnid.py @@ -8,12 +8,12 @@ def return_uniformed_vulnid(self, vulnid): if "cve" in vulnid.lower(): return vulnid if "khv" in vulnid.lower(): - temp = re.compile("([a-zA-Z-_]+)([0-9]+)") + temp = re.compile(r"([a-zA-Z-_]+)([0-9]+)") number = str(temp.match(vulnid).groups()[1]).zfill(3) avd_category = str(temp.match(vulnid.lower()).groups()[0]) return avd_category.upper() + number if "ksv" in vulnid.lower() or "kcv" in vulnid.lower(): - temp = re.compile("([a-zA-Z-_]+)([0-9]+)") + temp = re.compile(r"([a-zA-Z-_]+)([0-9]+)") number = str(temp.match(vulnid).groups()[1]).zfill(4) avd_category = str(temp.match(vulnid.lower().replace("_", "").replace("-", "")).groups()[0].replace("avd", "")) return "AVD-" + avd_category.upper() + "-" + number diff --git a/dojo/tools/veracode/json_parser.py b/dojo/tools/veracode/json_parser.py index b873ada3531..df83cbb802e 100644 --- a/dojo/tools/veracode/json_parser.py +++ b/dojo/tools/veracode/json_parser.py @@ -85,13 +85,13 @@ def get_items(self, tree, test): if not finding: continue # Set the date of the finding from the report if it is present - try: + if finding_status := vuln.get("finding_status"): if settings.USE_FIRST_SEEN: - finding.date = parser.parse(vuln.get("finding_status", {}).get("first_found_date", "")) + if first_found_date := finding_status.get("first_found_date"): + finding.date = parser.parse(first_found_date) else: - finding.date = parser.parse(vuln.get("finding_status", {}).get("last_found_date", "")) - except Exception: - pass + if last_found_date := finding_status.get("last_found_date"): + finding.date = parser.parse(last_found_date) # Generate the description finding = self.parse_description(finding, vuln.get("description"), scan_type) finding.nb_occurences = vuln.get("count", 1) @@ -129,7 +129,7 @@ def create_finding_from_details(self, finding_details, scan_type, policy_violate if uncleaned_cvss.startswith(("CVSS:3.1/", "CVSS:3.0/")): finding.cvssv3 = CVSS3(str(uncleaned_cvss)).clean_vector(output_prefix=True) elif not uncleaned_cvss.startswith("CVSS"): - finding.cvssv3 = CVSS3(f"CVSS:3.1/{str(uncleaned_cvss)}").clean_vector(output_prefix=True) + finding.cvssv3 = CVSS3(f"CVSS:3.1/{uncleaned_cvss}").clean_vector(output_prefix=True) elif isinstance(uncleaned_cvss, float | int): finding.cvssv3_score = float(uncleaned_cvss) # Fill in extra info based on the scan type @@ -238,7 +238,7 @@ def add_sca_details(self, finding, finding_details, backup_title=None) -> Findin # See if the CVSS has already been set. If not, use the one here if not finding.cvssv3: if cvss_vector := cve_dict.get("cvss3", {}).get("vector"): - finding.cvssv3 = CVSS3(f"CVSS:3.1/{str(cvss_vector)}").clean_vector(output_prefix=True) + finding.cvssv3 = CVSS3(f"CVSS:3.1/{cvss_vector}").clean_vector(output_prefix=True) # Put the product ID in the metadata if product_id := finding_details.get("product_id"): finding.description += f"**Product ID**: {product_id}\n" diff --git a/dojo/tools/veracode/xml_parser.py b/dojo/tools/veracode/xml_parser.py index 17061402d6f..1e53b5545c4 100644 --- a/dojo/tools/veracode/xml_parser.py +++ b/dojo/tools/veracode/xml_parser.py @@ -271,7 +271,7 @@ def __xml_dynamic_flaw_to_finding( @staticmethod def _get_cwe(val): # Match only the first CWE! - cweSearch = re.search("CWE-(\\d+)", val, re.IGNORECASE) + cweSearch = re.search(r"CWE-(\d+)", val, re.IGNORECASE) if cweSearch: return int(cweSearch.group(1)) return None diff --git a/dojo/tools/wapiti/parser.py b/dojo/tools/wapiti/parser.py index 335281b9701..591ae3a390b 100644 --- a/dojo/tools/wapiti/parser.py +++ b/dojo/tools/wapiti/parser.py @@ -104,7 +104,7 @@ def get_findings(self, file, test): @staticmethod def get_cwe(val): # Match only the first CWE! - cweSearch = re.search("CWE-(\\d+)", val, re.IGNORECASE) + cweSearch = re.search(r"CWE-(\d+)", val, re.IGNORECASE) if cweSearch: return int(cweSearch.group(1)) return None diff --git a/dojo/urls.py b/dojo/urls.py index 1e36b67d4f8..a450c115e8a 100644 --- a/dojo/urls.py +++ b/dojo/urls.py @@ -14,6 +14,7 @@ from dojo.api_v2.views import ( AnnouncementViewSet, AppAnalysisViewSet, + BurpRawRequestResponseViewSet, ConfigurationPermissionViewSet, CredentialsMappingViewSet, CredentialsViewSet, @@ -156,6 +157,7 @@ v2_api.register(r"product_type_groups", ProductTypeGroupViewSet, basename="product_type_group") v2_api.register(r"regulations", RegulationsViewSet, basename="regulations") v2_api.register(r"reimport-scan", ReImportScanView, basename="reimportscan") +v2_api.register(r"request_response_pairs", BurpRawRequestResponseViewSet, basename="request_response_pairs") v2_api.register(r"risk_acceptance", RiskAcceptanceViewSet, basename="risk_acceptance") v2_api.register(r"roles", RoleViewSet, basename="role") v2_api.register(r"sla_configurations", SLAConfigurationViewset, basename="sla_configurations") diff --git a/dojo/user/validators.py b/dojo/user/validators.py index 83ee954419e..f6b665bc1c2 100644 --- a/dojo/user/validators.py +++ b/dojo/user/validators.py @@ -45,7 +45,7 @@ def get_help_text(self): class UppercaseValidator: def validate(self, password, user=None): - if not re.findall("[A-Z]", password) and get_system_setting("uppercase_character_required"): + if not re.findall(r"[A-Z]", password) and get_system_setting("uppercase_character_required"): raise ValidationError( self.get_help_text(), code="password_no_upper") @@ -57,7 +57,7 @@ def get_help_text(self): class LowercaseValidator: def validate(self, password, user=None): - if not re.findall("[a-z]", password) and get_system_setting("lowercase_character_required"): + if not re.findall(r"[a-z]", password) and get_system_setting("lowercase_character_required"): raise ValidationError( self.get_help_text(), code="password_no_lower") diff --git a/dojo/user/views.py b/dojo/user/views.py index 0f8914e4adf..44ba788253b 100644 --- a/dojo/user/views.py +++ b/dojo/user/views.py @@ -647,7 +647,7 @@ def clean(self): connection.open() connection.close() except Exception as e: - logger.error(f"SMTP Server Connection Failure: {str(e)}") + logger.error(f"SMTP Server Connection Failure: {e}") msg = "SMTP server is not configured correctly..." raise ValidationError(msg) diff --git a/helm/defectdojo/Chart.lock b/helm/defectdojo/Chart.lock index 7a0e49b95de..591ab3ae6e9 100644 --- a/helm/defectdojo/Chart.lock +++ b/helm/defectdojo/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami - version: 16.2.0 + version: 16.3.0 - name: postgresql-ha repository: https://charts.bitnami.com/bitnami version: 9.4.11 - name: redis repository: https://charts.bitnami.com/bitnami version: 19.6.4 -digest: sha256:0d2e729a1b07543cb813f80f5d05c67ad56817f1b44911e08245e43868f49301 -generated: "2024-11-14T10:51:48.400717864Z" +digest: sha256:896db01c8521d42f6830a84190fb0a679afb2a999a79e3d82226d0b871f7778d +generated: "2024-12-11T06:49:40.425726453Z" diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml index d6c561dc9a9..3b6c3581684 100644 --- a/helm/defectdojo/Chart.yaml +++ b/helm/defectdojo/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "2.41.4" +appVersion: "2.42.0" description: A Helm chart for Kubernetes to install DefectDojo name: defectdojo -version: 1.6.166 +version: 1.6.167 icon: https://www.defectdojo.org/img/favicon.ico maintainers: - name: madchap @@ -10,7 +10,7 @@ maintainers: url: https://github.com/DefectDojo/django-DefectDojo dependencies: - name: postgresql - version: ~16.2.0 + version: ~16.3.0 repository: "https://charts.bitnami.com/bitnami" condition: postgresql.enabled - name: postgresql-ha diff --git a/helm/defectdojo/values.yaml b/helm/defectdojo/values.yaml index 8cd5d0aca3b..0deb30aaff4 100644 --- a/helm/defectdojo/values.yaml +++ b/helm/defectdojo/values.yaml @@ -125,7 +125,7 @@ monitoring: # Add the nginx prometheus exporter sidecar prometheus: enabled: false - image: nginx/nginx-prometheus-exporter:1.3.0 + image: nginx/nginx-prometheus-exporter:1.4.0 imagePullPolicy: IfNotPresent annotations: {} @@ -478,7 +478,7 @@ cloudsql: image: # set repo and image tag of gce-proxy repository: gcr.io/cloudsql-docker/gce-proxy - tag: 1.37.2 + tag: 1.37.3 pullPolicy: IfNotPresent # set CloudSQL instance: 'project:zone:instancename' instance: "" diff --git a/requirements-lint.txt b/requirements-lint.txt index 6821d390595..8f161d317ec 100644 --- a/requirements-lint.txt +++ b/requirements-lint.txt @@ -1 +1 @@ -ruff==0.7.4 +ruff==0.8.1 \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index f9c0a7d1c3e..e112ad95afa 100644 --- a/requirements.txt +++ b/requirements.txt @@ -21,7 +21,7 @@ django-slack==5.19.0 git+https://github.com/DefectDojo/django-tagging@develop#egg=django-tagging django-watson==1.6.3 django-prometheus==2.3.1 -Django==5.1.3 +Django==5.1.4 djangorestframework==3.15.2 html2text==2024.2.26 humanize==4.11.0 @@ -35,18 +35,18 @@ psycopg[c]==3.2.3 cryptography==44.0.0 python-dateutil==2.9.0.post0 pytz==2024.2 -redis==5.2.0 +redis==5.2.1 requests==2.32.3 sqlalchemy==2.0.36 # Required by Celery broker transport urllib3==1.26.18 uWSGI==2.0.28 -vobject==0.9.8 +vobject==0.9.9 whitenoise==5.2.0 titlecase==2.4.1 social-auth-app-django==5.4.2 social-auth-core==4.5.4 gitpython==3.1.43 -python-gitlab==5.1.0 +python-gitlab==5.3.0 cpe==1.3.1 packageurl-python==0.16.0 django-crum==0.7.9 @@ -63,13 +63,13 @@ django-fieldsignals==0.7.0 hyperlink==21.0.0 django-test-migrations==1.4.0 djangosaml2==1.9.3 -drf-spectacular==0.27.2 -drf-spectacular-sidecar==2024.11.1 +drf-spectacular==0.28.0 +drf-spectacular-sidecar==2024.12.1 django-ratelimit==4.1.0 argon2-cffi==23.1.0 blackduck==1.1.3 -pycurl==7.45.3 # Required for Celery Broker AWS (SQS) support -boto3==1.35.71 # Required for Celery Broker AWS (SQS) support +pycurl==7.45.4 # Required for Celery Broker AWS (SQS) support +boto3==1.35.91 # Required for Celery Broker AWS (SQS) support netaddr==1.3.0 vulners==2.2.3 fontawesomefree==6.6.0 diff --git a/ruff.toml b/ruff.toml index e9008490a55..12b556d5cf3 100644 --- a/ruff.toml +++ b/ruff.toml @@ -41,7 +41,7 @@ select = [ "UP", "YTT", "ASYNC", - "S2", "S5", "S7", "S101", "S104", "S105", "S106", "S108", "S311", "S112", "S113", + "S1", "S2", "S5", "S7", "S311", "FBT001", "FBT003", "A003", "A004", "A005", "A006", "COM", @@ -93,10 +93,8 @@ ignore = [ "SIM115", "SIM116", "SIM117", - "RUF010", "RUF012", "RUF015", - "RUF027", "D205", "D211", # `one-blank-line-before-class` (D203) and `no-blank-line-before-class` (D211) are incompatible. "D212", # `multi-line-summary-first-line` (D212) and `multi-line-summary-second-line` (D213) are incompatible. diff --git a/tests/Import_scanner_test.py b/tests/Import_scanner_test.py index 737b48bdcf0..8f0ac1beb53 100644 --- a/tests/Import_scanner_test.py +++ b/tests/Import_scanner_test.py @@ -28,9 +28,10 @@ def setUp(self): git.Repo.clone_from("https://github.com/DefectDojo/sample-scan-files", self.repo_path) self.remove_items = ["__init__.py", "__init__.pyc", "factory.py", "factory.pyc", "factory.py", "LICENSE", "README.md", ".gitignore", ".git", "__pycache__"] - tool_path = dir_path[:-5] + "dojo/tools" - tools = sorted(os.listdir(tool_path)) - tests = sorted(os.listdir(self.repo_path)) + tool_path = Path(dir_path[:-5] + "dojo/tools") + tools = sorted(any(tool_path.iterdir())) + p = Path(self.repo_path) + tests = sorted(any(p.iterdir())) self.tools = [i for i in tools if i not in self.remove_items] self.tests = [i for i in tests if i not in self.remove_items] @@ -43,7 +44,8 @@ def test_check_test_file(self): missing_tests += ["\nNO TEST FILES"] for test in self.tests: - cases = sorted(os.listdir(self.repo_path + "/" + test)) + p = Path(self.repo_path + "/" + test) + cases = sorted(any(p.iterdir())) cases = [i for i in cases if i not in self.remove_items] if len(cases) == 0 and tool not in missing_tests: missing_tests += [test] @@ -145,8 +147,8 @@ def test_engagement_import_scan_result(self): options_text = [scan.strip() for scan in options_text] mod_options = options_text - mod_options = [re.sub(" Scanner", "", scan) for scan in mod_options] - mod_options = [re.sub(" Scan", "", scan) for scan in mod_options] + mod_options = [scan.replace(" Scanner", "") for scan in mod_options] + mod_options = [scan.replace(" Scan", "") for scan in mod_options] mod_options = [scan.lower().replace("-", " ").replace(".", "") for scan in mod_options] acronyms = [] @@ -172,15 +174,13 @@ def test_engagement_import_scan_result(self): index = list(found_matches.keys())[0] scan_map[test] = options_text[index] elif len(found_matches) > 1: - try: - index = list(found_matches.values()).index(temp_test) - scan_map[test] = options_text[list(found_matches.keys())[index]] - except: - pass + index = list(found_matches.values()).index(temp_test) + scan_map[test] = options_text[list(found_matches.keys())[index]] failed_tests = [] for test in self.tests: - cases = sorted(os.listdir(self.repo_path + "/" + test)) + p = Path(self.repo_path + "/" + test) + cases = sorted(any(p.iterdir())) cases = [i for i in cases if i not in self.remove_items] if len(cases) == 0: failed_tests += [test.upper() + ": No test cases"] @@ -199,7 +199,7 @@ def test_engagement_import_scan_result(self): driver.find_element(By.ID, "id_file").send_keys(test_location) driver.find_element(By.CSS_SELECTOR, "input.btn.btn-primary").click() EngagementTXT = "".join(driver.find_element(By.TAG_NAME, "BODY").text).split("\n") - reg = re.compile("processed, a total of") + reg = re.compile(r"processed, a total of") matches = list(filter(reg.search, EngagementTXT)) if len(matches) != 1: failed_tests += [test.upper() + " - " + case + ": Not imported"] diff --git a/tests/base_test_class.py b/tests/base_test_class.py index c4b056503a6..7fcc3a6f203 100644 --- a/tests/base_test_class.py +++ b/tests/base_test_class.py @@ -1,4 +1,3 @@ -import contextlib import logging import os import re @@ -238,11 +237,7 @@ def goto_all_findings_list(self, driver): return driver def wait_for_datatable_if_content(self, no_content_id, wrapper_id): - no_content = None - with contextlib.suppress(Exception): - no_content = self.driver.find_element(By.ID, no_content_id) - - if no_content is None: + if not self.is_element_by_id_present(no_content_id): # wait for product_wrapper div as datatables javascript modifies the DOM on page load. WebDriverWait(self.driver, 30).until( EC.presence_of_element_located((By.ID, wrapper_id)), @@ -338,7 +333,7 @@ def enable_github(self): def set_block_execution(self, block_execution=True): # we set the admin user (ourselves) to have block_execution checked # this will force dedupe to happen synchronously, among other things like notifications, rules, ... - logger.info(f"setting block execution to: {str(block_execution)}") + logger.info(f"setting block execution to: {block_execution}") driver = self.driver driver.get(self.base_url + "profile") if ( diff --git a/unittests/test_apiv2_methods_and_endpoints.py b/unittests/test_apiv2_methods_and_endpoints.py index 56c5beb9fbc..5ac9c6cd04d 100644 --- a/unittests/test_apiv2_methods_and_endpoints.py +++ b/unittests/test_apiv2_methods_and_endpoints.py @@ -9,7 +9,6 @@ Benchmark_Product_Summary, Benchmark_Requirement, Benchmark_Type, - BurpRawRequestResponse, Choice, Contact, FileAccessToken, @@ -92,7 +91,6 @@ def setUp(self): Product_Line, Report_Type, CWE, - BurpRawRequestResponse, FileAccessToken, UserAnnouncement, BannerConf, diff --git a/unittests/test_deduplication_logic.py b/unittests/test_deduplication_logic.py index ef1d91a0d53..319c0761312 100644 --- a/unittests/test_deduplication_logic.py +++ b/unittests/test_deduplication_logic.py @@ -1158,12 +1158,12 @@ def log_findings(self, findings): else: logger.debug("\t\t" + "findings:") for finding in findings: - logger.debug(f"\t\t\t{str(finding.id):4.4}" + ': "' + f"{finding.title:20.20}" + '": ' + f"{finding.severity:5.5}" + ": act: " + f"{str(finding.active):5.5}" - + ": ver: " + f"{str(finding.verified):5.5}" + ": mit: " + f"{str(finding.is_mitigated):5.5}" - + ": dup: " + f"{str(finding.duplicate):5.5}" + ": dup_id: " - + (f"{str(finding.duplicate_finding.id):4.4}" if finding.duplicate_finding else "None") + ": hash_code: " + str(finding.hash_code) + logger.debug(f"\t\t\t{finding.id!s:4.4}" + ': "' + f"{finding.title:20.20}" + '": ' + f"{finding.severity:5.5}" + ": act: " + f"{finding.active!s:5.5}" + + ": ver: " + f"{finding.verified!s:5.5}" + ": mit: " + f"{finding.is_mitigated!s:5.5}" + + ": dup: " + f"{finding.duplicate!s:5.5}" + ": dup_id: " + + (f"{finding.duplicate_finding.id!s:4.4}" if finding.duplicate_finding else "None") + ": hash_code: " + str(finding.hash_code) + ": eps: " + str(finding.endpoints.count()) + ": notes: " + str([n.id for n in finding.notes.all()]) - + ": uid: " + f"{str(finding.unique_id_from_tool):5.5}" + (" fp" if finding.false_p else ""), + + ": uid: " + f"{finding.unique_id_from_tool!s:5.5}" + (" fp" if finding.false_p else ""), ) logger.debug("\t\tendpoints") diff --git a/unittests/test_factory.py b/unittests/test_factory.py index 43fb5b54771..5d8b4040dd5 100644 --- a/unittests/test_factory.py +++ b/unittests/test_factory.py @@ -64,8 +64,8 @@ def test_get_parser_test_active_in_db(self): def test_parser_name_matches_module(self): """Test to ensure that parsers' class names match their module names""" - package_dir = "dojo/tools" - module_names = os.listdir(package_dir) + package_dir = Path("dojo/tools") + module_names = package_dir.iterdir() missing_parsers = [] excluded_parsers = [ "wizcli_common_parsers", # common class for other wizcli parsers, there is not parsing here diff --git a/unittests/test_false_positive_history_logic.py b/unittests/test_false_positive_history_logic.py index c4d939fbc42..04fca655b58 100644 --- a/unittests/test_false_positive_history_logic.py +++ b/unittests/test_false_positive_history_logic.py @@ -1678,12 +1678,12 @@ def log_findings(self, findings): else: logger.debug("\t\t" + "findings:") for finding in findings: - logger.debug(f"\t\t\t{str(finding.id):4.4}" + ': "' + f"{finding.title:20.20}" + '": ' + f"{finding.severity:5.5}" + ": act: " + f"{str(finding.active):5.5}" - + ": ver: " + f"{str(finding.verified):5.5}" + ": mit: " + f"{str(finding.is_mitigated):5.5}" - + ": dup: " + f"{str(finding.duplicate):5.5}" + ": dup_id: " - + (f"{str(finding.duplicate_finding.id):4.4}" if finding.duplicate_finding else "None") + ": hash_code: " + str(finding.hash_code) + logger.debug(f"\t\t\t{finding.id!s:4.4}" + ': "' + f"{finding.title:20.20}" + '": ' + f"{finding.severity:5.5}" + ": act: " + f"{finding.active!s:5.5}" + + ": ver: " + f"{finding.verified!s:5.5}" + ": mit: " + f"{finding.is_mitigated!s:5.5}" + + ": dup: " + f"{finding.duplicate!s:5.5}" + ": dup_id: " + + (f"{finding.duplicate_finding.id!s:4.4}" if finding.duplicate_finding else "None") + ": hash_code: " + str(finding.hash_code) + ": eps: " + str(finding.endpoints.count()) + ": notes: " + str([n.id for n in finding.notes.all()]) - + ": uid: " + f"{str(finding.unique_id_from_tool):5.5}" + (" fp" if finding.false_p else ""), + + ": uid: " + f"{finding.unique_id_from_tool!s:5.5}" + (" fp" if finding.false_p else ""), ) logger.debug("\t\tendpoints") diff --git a/unittests/test_jira_import_and_pushing_api.py b/unittests/test_jira_import_and_pushing_api.py index eeba03f9740..2562b555a99 100644 --- a/unittests/test_jira_import_and_pushing_api.py +++ b/unittests/test_jira_import_and_pushing_api.py @@ -2,12 +2,14 @@ import logging from crum import impersonate +from django.urls import reverse from rest_framework.authtoken.models import Token from rest_framework.test import APIClient from vcr import VCR +import dojo.risk_acceptance.helper as ra_helper from dojo.jira_link import helper as jira_helper -from dojo.models import Finding, Finding_Group, JIRA_Instance, User +from dojo.models import Finding, Finding_Group, JIRA_Instance, Risk_Acceptance, User from .dojo_test_case import DojoVCRAPITestCase, get_unit_tests_path, toggle_system_setting_boolean @@ -68,6 +70,7 @@ def setUp(self): self.scans_path = "/scans/" self.zap_sample5_filename = self.scans_path + "zap/5_zap_sample_one.xml" self.npm_groups_sample_filename = self.scans_path + "npm_audit/many_vuln_with_groups.json" + self.client.force_login(self.get_test_admin()) def test_import_no_push_to_jira(self): import0 = self.import_scan_with_params(self.zap_sample5_filename, verified=True) @@ -281,6 +284,65 @@ def test_import_twice_push_to_jira(self): self.assert_jira_issue_count_in_test(test_id1, 0) self.assert_jira_group_issue_count_in_test(test_id, 0) + def add_risk_acceptance(self, eid, data_risk_accceptance, fid=None): + args = (eid, fid) if fid else (eid,) + response = self.client.post(reverse("add_risk_acceptance", args=args), data_risk_accceptance) + self.assertEqual(302, response.status_code, response.content[:1000]) + return response + + def test_import_grouped_reopen_expired_sla(self): + # steps + # import scan, make sure they are in grouped JIRA + # risk acceptance all the grouped findings, make sure they are closed in JIRA + # expire risk acceptance on all grouped findings, make sure they are open in JIRA + import0 = self.import_scan_with_params(self.npm_groups_sample_filename, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True) + test_id = import0["test"] + self.assert_jira_issue_count_in_test(test_id, 0) + self.assert_jira_group_issue_count_in_test(test_id, 3) + findings = self.get_test_findings_api(test_id) + finding_id = findings["results"][0]["id"] + + ra_data = { + "name": "Accept: Unit test", + "accepted_findings": [], + "recommendation": "A", + "recommendation_details": "recommendation 1", + "decision": "A", + "decision_details": "it has been decided!", + "accepted_by": "pointy haired boss", + "owner": 1, + "expiration_date": "2024-12-31", + "reactivate_expired": True, + } + + for finding in findings["results"]: + ra_data["accepted_findings"].append(finding["id"]) + + pre_jira_status = self.get_jira_issue_status(finding_id) + + response = self.add_risk_acceptance(1, data_risk_accceptance=ra_data) + self.assertEqual("/engagement/1", response.url) + + # We do this to update the JIRA + for finding in ra_data["accepted_findings"]: + self.patch_finding_api(finding, {"push_to_jira": True}) + + post_jira_status = self.get_jira_issue_status(finding_id) + self.assertNotEqual(pre_jira_status, post_jira_status) + + pre_jira_status = post_jira_status + ra = Risk_Acceptance.objects.last() + ra_helper.expire_now(ra) + # We do this to update the JIRA + for finding in ra_data["accepted_findings"]: + self.patch_finding_api(finding, {"push_to_jira": True}) + + post_jira_status = self.get_jira_issue_status(finding_id) + self.assertNotEqual(pre_jira_status, post_jira_status) + + # by asserting full cassette is played we know all calls to JIRA have been made as expected + self.assert_cassette_played() + def test_import_with_groups_twice_push_to_jira(self): import0 = self.import_scan_with_params(self.npm_groups_sample_filename, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True) test_id = import0["test"] diff --git a/unittests/test_rest_framework.py b/unittests/test_rest_framework.py index 5a600315536..9b58a538e43 100644 --- a/unittests/test_rest_framework.py +++ b/unittests/test_rest_framework.py @@ -31,6 +31,7 @@ from dojo.api_v2.views import ( AnnouncementViewSet, AppAnalysisViewSet, + BurpRawRequestResponseViewSet, ConfigurationPermissionViewSet, CredentialsMappingViewSet, CredentialsViewSet, @@ -1119,7 +1120,7 @@ def test_request_response_post_and_download(self): # Test the creation for level in self.url_levels: length = FileUpload.objects.count() - with open(f"{str(self.path)}/scans/acunetix/one_finding.xml", encoding="utf-8") as testfile: + with open(f"{self.path}/scans/acunetix/one_finding.xml", encoding="utf-8") as testfile: payload = { "title": level, "file": testfile, @@ -1131,7 +1132,7 @@ def test_request_response_post_and_download(self): self.url_levels[level] = response.data.get("id") # Test the download - file_data = Path(f"{str(self.path)}/scans/acunetix/one_finding.xml").read_text(encoding="utf-8") + file_data = Path(f"{self.path}/scans/acunetix/one_finding.xml").read_text(encoding="utf-8") for level, file_id in self.url_levels.items(): response = self.client.get(f"/api/v2/{level}/files/download/{file_id}/") self.assertEqual(200, response.status_code) @@ -3043,3 +3044,27 @@ def __init__(self, *args, **kwargs): self.test_type = TestType.STANDARD self.deleted_objects = 1 BaseClass.RESTEndpointTest.__init__(self, *args, **kwargs) + + +class BurpRawRequestResponseTest(BaseClass.BaseClassTest): + fixtures = ["dojo_testdata.json"] + + def __init__(self, *args, **kwargs): + self.endpoint_model = BurpRawRequestResponse + self.endpoint_path = "request_response_pairs" + self.viewname = "request_response_pairs" + self.viewset = BurpRawRequestResponseViewSet + self.payload = { + "finding": 2, + "burpRequestBase64": "cmVxdWVzdAo=", + "burpResponseBase64": "cmVzcG9uc2UK", + } + + self.update_fields = { + "finding": 2, + "burpRequestBase64": "cmVxdWVzdCAtIGVkaXRlZAo=", + "burpResponseBase64": "cmVzcG9uc2UgLSBlZGl0ZWQK", + } + self.test_type = TestType.STANDARD + self.deleted_objects = 1 + BaseClass.RESTEndpointTest.__init__(self, *args, **kwargs) diff --git a/unittests/vcr/jira/JIRAImportAndPushTestApi.test_import_grouped_reopen_expired_sla.yaml b/unittests/vcr/jira/JIRAImportAndPushTestApi.test_import_grouped_reopen_expired_sla.yaml new file mode 100644 index 00000000000..5450aa9653e --- /dev/null +++ b/unittests/vcr/jira/JIRAImportAndPushTestApi.test_import_grouped_reopen_expired_sla.yaml @@ -0,0 +1,7455 @@ +interactions: +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0te3bqbtN26vMkEp+gU2r0oImlyi9U0KU06GGP/3QQH26P6drnn + O/cc7oHUwuF20ISTD+97x2czhQ1Kr+ynTYTXwrlWmMSgJxOiWtdrsf8HX+KwayUqdF9r1P0Kjcfh + r0dW1jR6RCPxd84dDq61JsAUgCaQwLTcXD+X66fqrG7Grg4T4a8RmsAE3kIm9truu9Cy2vcxbaXt + qIKpHlutfiyEBwNbLE7LG+EjyIBlU8qmdFlRxlPKaZoAwBUEOPhd+AMOVdtdsilUtOA0C3iSL86s + 7O5MYwMIWQ5ZyuYiresiL5Y0X1KVs1RKVqCaU4GNENm8vgjwOibct4OILwz6qP2DlSKuD0SfJoLm + fVuS42WxF2uicvtYkeM3AAAA//8DAIJe/usgAgAA + headers: + Atl-Request-Id: + - cd2d7f48-ee2c-4df1-807a-3163dc0e224b + Atl-Traceid: + - cd2d7f48ee2c4df1807a3163dc0e224b + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:31 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=214,atl-edge-internal;dur=37,atl-edge-upstream;dur=176,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - d50a969d2e184c047378565e1391d27c + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 92e4fee3-8af8-4343-85a2-906308cde605 + Atl-Traceid: + - 92e4fee38af8434385a2906308cde605 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:32 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=312,atl-edge-internal;dur=17,atl-edge-upstream;dur=292,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 4e0b52fac382010988109639367a2804 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\nA + group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/358] + in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321] + | [300|https://cwe.mitre.org/data/definitions/300.html] | negotiator | 0.5.3 + | [2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/233] + | Active, Verified |\n| High | [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539] + | [400|https://cwe.mitre.org/data/definitions/400.html] | negotiator | 0.5.3 + | [Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232] + | Active, Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= + 0.6.0)|http://localhost:8080/finding/233]\n*Defect Dojo link:* http://localhost:8080/finding/233 + (233)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232]\n*Defect + Dojo link:* http://localhost:8080/finding/232 (232)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n*Reporter:* + [(admin) ()|mailto:]\n", "priority": {"name": "High"}}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '3361' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue + response: + body: + string: '{"id":"15997","key":"NTEST-1585","self":"https://defectdojo.atlassian.net/rest/api/2/issue/15997"}' + headers: + Atl-Request-Id: + - df4ed9e1-993f-4c3c-b656-46250a07daec + Atl-Traceid: + - df4ed9e1993f4c3cb65646250a07daec + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:32 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=677,atl-edge-internal;dur=22,atl-edge-upstream;dur=659,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 03d5482c097ff2a04fe6e3893b2eb52a + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1585 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSY7MmU7HdZTEreu6spI8OB4PTK5IxCTAAKCO2v7v3eUh + xYcytTuN/UBce2D32w+rGwdWJZeJEzkaZAIakrcC8sT0JC/A9EycQcF7qgTNrVDS9CARtgDLe3HG + ZQq5SnsL0Ab3IJlCqcGAtO3ZuDJWFXNSeBn4fuC7Gr5WYOxsXcKp5rEVMTg9R5D9YLS//xonBvI5 + TjNrSxN5XgJziG2iviiX25wbI7h0JVgPLVmPl8ILPWFMBV6n4BrWKH8ym5zN+sFoPMKl2gXjRDeO + Qd8qE3MLqdLr5g4JzlAi9MNhPwj7A38WjKNgGA1CdxwEP6HfPjlJRiw6Xqt5oZMk76E+P9xcu50k + YGItSgocrh4wU/A877FEGCtkbFkpIAam5myp9LVL0rGSH3T+TC8qKShdPL/kC2659hYCll7t1tbB + divwB8H4FyP+hp8LTHtVoFWCBZqccXNNuaquLI2iOc8N9JxG8AjvVcv2nEwgcHScrY9hAeirf9dz + rEBklYgSJ5IV3tF5AJOB322UWn3BG70w4K10He46gV24afINSLa3+iCFtajAOBvbhNTf67NGze2S + a8KrEUWZC3Q4eXBzzEeNsuF4NRw/093vZKa7ySYvQ5+AHg5X4fD/tdJkv8YiGgz2VsHejzC46iwO + wtUg/BEWW4Df3T2GY7ALp2G3MRerjw0HYvbPLx6fHHQneZpqSJFvHhUBXkDlVVP+T5sb7drY27Xx + esdGuHNjvGtj/7GfDW02q0RK9QvhRP0Ap9ziw9EQ7vMLt6HzLYF7jTpNZVkPD1VFgQuIlD/RgpCp + E1ldwV3L06RNi7gJ582jNfIMj5pMVXnyRpgy5+u2lHEZ3bIfETNU3m00NOBliT+eeiSG+2H3SDwM + 24bKHm7sAlW4AVWphdLCrl8YxE7cq1+af/9WiIKnYDySMJ0SgQuZSDPXLNItW77HlY5WQ+dx4YQb + 1Of8CogYnygN4pMnAxHswmgwpohk3ExKER8Lef2Wdt5ASf2LjLs81tld1nubFankBNsXfpXDFLhp + sKHbkXN6/OHd0cnl8dHh5ORscjmZTv+c4v2wTg2GBA/MMmCn+AJIy8guE4Ypma8ZsonISSmziv0m + NGenGgqkE1YZRK37FKsEWFCOfyt8v0wGkdO8ipg9DP+2qu6xBSYiFZLnDw+13Vcb3hrpOXrXzimz + qYTN6aqkst2F5NGe3yG5aZReCL5GePPy3u9tnofHLd5+5fE1tpsd5Drlja3DtqP7Tw53bWFTM2gk + 7BoFCUuqbpUrfdJ4c5VX0E818sa2KVLsjWqSrYoSG2Jpnwb9aBctjDa08L2M3w/nZ/nt/wFLtapK + ahTfCpkgMRqGtcKuACQrK5NBUqP0aHpA3ytgQi7IAMEsYfhTgOFrBklEyrLQZe9I3Wf5qv6+itj5 + Rq2QEZMYLyu4VTry3ZE7uKWgY8xzFfM8U8ZGY3/se/NG5rL2zRuMxhcozc7PIK6Io9h7texbtUMY + H+2kwkc7vGAeOw+MZX9VXFvQbCJTrMwC47xDFDYHvKCWPjn9gx1UyAHsLOZyhxS1gN6+f9FE9PaW + nWHzWvuJ48OPk/rzqfl0iaZJ2wPQcCYs0gGJ1sDCESpixJjslp2jjn6IFNDHLjkMai8IqHKRuBL7 + fTdVC29R5RKha5FavPvnL0jFwPc3cvES3EJYDa7SqYf1zQnzAptZ4gUPj7qZLXKS2+YLJ3XGSFmI + f1NIq5xjTP8BAAD//+xZbW/aMBD+K9akVoBICkkIharqqFjVTms1rdo+dF8wsYFsIYkSoPuwH7/n + HCe8lJSOqlUnTa2A2D77fL57zvfkF9Vwah99Gfo8IFe6lckCpRozWOWmmKHODoPZySmmcc1GtcSW + +uSPLNum9XtIvwtZJ1Op+zPbZhcX+2zZnSfbRY9XdnGebhdnp11e3CZWmU0QcLnTdWvKPtTGav25 + ZH1EKho/AsWY1akzAHmLraNA/jdpmgUMqGfbfLXTxhb6CnkBij8iRjkJWu+UYxV8VLft/9Hdsxoi + Eu3f8WXsFRxYEv6kpnheeK4fQe02micw5oUfSMCnzAx+OJ6dcM+T8Uz9XLrfimB/CfM1wHGhRgT8 + 18Bp+tERFws/RaqQlG/byAAjMjrcKL8Y0JEOlisMGK4wjPRHaa4vLYl2B60duYMo3CHV7sBnM2Tg + tM7uJ743YbhLj8cA4TkAkMUca4VjxhmKGg+CuBZ5CR+RHoOe2qjxiYfjOeB4wCaSC0guOHKome2W + fVsqdA28D+Rqclnvz2ut7qpLYshnVSaIvB/d47y7uT4DRk4gjkY4uQr37u6DIczv0gf5Fx5pWylm + iefDwPf0oV37KpXqM/uqbltkYX0YmTIMMBOgI9Gbh9zVNObejGRuIuarB4bEt/CFFGvu9AUxhSso + lv4bp9CicUR5k3y8wsXUD6usUv09hQ/Pom7ht1tB48UBw9oTMCwCDOuZgLFX1ngAGPvmrdXzfW3A + cP8DxisAhvNvAYZbiO4AjIeMR6so+jcL3rKap+mUdRSEFxVDswS+pHgeYm42hjoFPbXR0SgjzRpl + vEOj4B1y85QNLOPKGoUyKgAmVH7oYny1nt+s6tL5dMqpgH33aIVFJic2Kkr2LHWJkziDxxKHdiVO + 200AYuPA7kn32B26DjcaI6ttOCPeMjqddsMQ7kjI9mjoSJvK4kISy2ay3SdKSvKbnhAUNaQzT6JA + vF9RGVUzLfAok64ORZoovNUwksnZXHtkC2soBXfbx1zavCNG3Okce0Pudjyn2TwTp2oW7PXAusB/ + JmdMeaiLRMPImlJznhr3MJlhmVR9mlnEkk2NmPOUTAp5lRN4kOLn5bnhmHFI5MQmK//2Nd6k9d++ + xpuvBd66xkAskbHMmj26VM7PzgMe/pRhOvFjFVpUCGZEdgZ6d1FIoz/MkyiWR3eAI48oVx2D9G4K + vUWk0zL6jdx23skpw2BnhY7+AwAA//9ClYAPR6NLwMv5ImglMVocDcKER6g4AgAAAP//GowuHi2O + aO1i+hVH6KUGvK0HbwoBnZ4OyYLVoDl3KNsAaGF+SSJ0xQC6KTgbdTiLMZytPSPsBSWuyScDXM1b + UKmAVcIAV/PWGJcOY3j7MTWvLLMoPw/SgIQIpZRCl6tAuESFXn4uxIRqGBNaO5BRWiOttNGHmauj + lJtYEZRaXJoDMhjJbvDcTFGJYwnEHWX5JdSbEoYYBjcUaFdGYnFYPnhqCzaPC5qUBk0YgayEOwTV + tUYozoVqAAdPbW0tAAAA//8DAANknFkdJQAA + headers: + Atl-Request-Id: + - f30865ec-4d2d-4762-bd6c-018be1d37964 + Atl-Traceid: + - f30865ec4d2d4762bd6c018be1d37964 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:33 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=259,atl-edge-internal;dur=14,atl-edge-upstream;dur=246,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 074e7b783fa14fe46e209d9cfe89afd6 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSY7MmU7HdZTEreu6spI8OB4PTK5IxCTAAKBkNc5/7y4v + xYcytTtN8iDi2AO73367/uLATcll4kSOBpmAhuS1gDwxA8kLMAMTZ1DwgSpBcyuUNANIhC3A8kGc + cZlCrtLBCrTBM0jmUGowIG17N66MVcWSFF4Gvh/4robPFRi72JRwqnlsRQzOwBFkP5js77/EhYF8 + icvM2tJEnpfAEmKbqE/K5TbnxgguXQnWQ0vW46XwQk8YU4HXKbiGDcqfLGZni2EwmU5wq3bBONEX + x6BvlYm5hVTpTfOGBFcoEfrheBiEw5G/CKZRMI5GoTsNgp/Qb5+cJCMWHa/VPNNJkvdQnx/2z24X + CZhYi5ICh7sHzBQ8zwcsEcYKGVtWCoiBqSVbK33tknSs5DudP9GLSgpKF88v+Ypbrr2VgLVXu7V1 + sD0K/FEw/cWIv+HnAtNeFWiVYIEmF9xcU66qK0tf0ZLnBgZOI3iE76plB04mEDg6zjbHsAL01f86 + cKxAZJWIEieSFb7RuQeTkd8dlFp9whc9M+CtdB3uOoFduGnxDUi2r3onhbWowDi9bULq7/Vdo5Z2 + zTXh1YiizAU6nNx7OeajRtl4ejOePtHd72Sme0mfl7FPQA/HN+H4/7XSZL/GIhoM9m6CvR9h8Kaz + OApvRuGPsNgC/OvXh3AMduE07A6W4uZ9w4GY/fOLhzdH3U2ephpS5JsHRYAPUHnVlP/j5ia7DvZ2 + HbzccRDuPJjuOth/6GdDm80ukVLdIZxoGLRcSSnRIm6e9OXBHhUKRttkqsqTV8KUOd+05YTba26x + 9TSU/fTSbxrCtgV4jTpNhV1/HqqKQl+7+oE2hEydyOqKbKNS+x4xQ+XdRkMDPpb447EmMd4PuyZx + P2w9ld0/2AWqsAdVqYXSwm6eGYJO3Ks7zb/vFaLgKRiPJEynROBGJtLMNat0y5Zvcaej1dB5WDhh + j/qcXwER4yOlQXzyaCCCXRgNphSRjJtZKeJjIa9f08krKGl+kXGHoRpZ6/qs35FKznB84Vc5zIGb + Bpe6/XJOj9+9OTq5PD46nJ2czS5n8/mfc3wf1qnBkOCFRQbsFDuAtIzsMmGYkvmGIZuInJQyq9hv + QnN2qqFAOmGVQcy5j7FKgAXl+LfC98tkFDlNV8TsYfi3VXWHLTARqZA8v3+pnb7a8NbIz9G7dk2Z + TSX0t6uSynYXkid7fofkZlB6Jvga4b7z3p1tnobHLd5+5fE1jpsd5Drlja3DdqL7Tw53Y2FTM2gk + 7AYFCWuqbpUrfdJ4c5VXMEw1ctZ2KFLslWqSrYoSB2JpHwf9pKeF7yX2vlBPGXfD+VF++/+ApVpV + JQ2Kr4VMkNYMw1phVwCSlZXJIKlRejQ/oN8rYEKuyDLBLGH4pwDDbgZJRMqy0GVvSN1H+aL+fRGx + 816tkBGTGC8ruFU68t2JO7qloGPMcxXzPFPGRlN/6nvLRuay9s0bTaYXKM3OzyCuiKPYW7UeWrVD + GJt2UmHTDi+Yx84DY9lfFdcWNJvJFCuzwDjvEIX+ghfU0ienf7CDCjmAncVc7pCiEdDb9y+aiN7e + sjMcXms/8fvw/az++dD8dImmRTsD0OdCWKQDEq2BhV+oiBFjslt2jjqGIVLAEKfkMKi9IKDKVeJK + nPfdVK28VZVLhK5FavHu3r8gFSPf7+XiNbiFsBpcpVMP65sT5gUOs8QLHl51M1vkJLfNFy7qjJGy + EP/NIa1yjjH9BwAA///sWW1v2jAQ/ivWpFaASApJCIWq6qhY1U5rNa3aPnRfMLGBbCGJEqD7sB+/ + 5xwnvJSUjqpVJ02tgNg++3y+e8735BfVcGoffRn6PCBXupXJAqUaM1jlppihzg6D2ckppnHNRrXE + lvrkjyzbpvV7SP0LWSdTqfsz22YXF/ts2Z0n20WPV3Zxnm4XZ6ddXtwmVplNEHC503Vryj7Uxmr9 + uWR9RCoaPwLFmNWpMwB5i62jQP43aZoFDKhn23y108YW+gp5AYo/IkY5CVrvlGMVfFS37f/R3bMa + IhLt3/Fl7BUcWBL+pKZ4XniuH0HtNponMOaFH0jAp8wMfjienXDPk/FM/Vy634pgfwnzNcBxoUYE + /NfAafrRERcLP0UOkZRv28gAIzI63Ci/GNCRDpYrDBiuMIz0R2muLy2JdgetHbmDKNwh1e7AZzNk + 4LTO7ie+N2G4x4/HAOE5AJDFHGuFY8YZihoPgrgWeQkfkR6Dntqo8YmH4zngeMAmkgtILjhyqJnt + ln1bKnQNvA/kanJZ789rre6qS2LIZ3XJF3k/usd5d3N9BoycQByNcHIV7t3dB0OY36UP8i880rZS + zBLPh4Hv6UO79lUq1Wf2Vd22yML6MDJlGGAmQEeiNw+5q2nMvRnJ3ETMVw8MiW/hCynW3OkLYgpX + UCz9N06hReOI8ib5eIWLqR9WWaX6ewofnkXdwm+3gsaLA4a1J2BYBBjWMwFjr6zxADD2zVur5/va + gOH+B4xXAAzn3wIMtxDdARgPGY9WUfRvFrxlVEjTWS2GZglcRpExRA5tDi2jwBplHU7BW21KFLxD + boWygWU8RKOMK2sUa6oAmFD5oYvx1Xp+s9xL59MppwL23aMVFpmc2Kgo2bPUJU7iDB5LDNiVOG03 + AYiNA7sn3WN36DrcaIystuGMeMvodNoNQ7gjIdujoSNtKosLSSybyXafKCnJb3pCUNSQzjyJAvF+ + RWVUzbTAo0y6Oi1povBWw0gmZ3PtkS2soRTcbR9zafOOGHGnc+wNudvxnGbzTJyqWbDXA+sC/5mc + MeWhLhINI2tKzXlq3MNkhmVS9WlmEUs2NWLOUzIp5FVO4EGKn5fnhmPGIZETm6z829d4k9Z/+xpv + vhZ46xoDykTGcGv26FI5PzsPePhThunEj1VoUSGY0dAZGt5FIY3+ME+iWB7dAac8olx1DNK7KfQW + kU7L6Ddy23knpwyDnRU6+g8AAAD//0KVgA9HF0HrgtFSZxCmL7JLHQAAAAD//xpAF4+WOrR2Mf1K + HfRSA1cj0ATe1oM3hYB+SofkzWrQnDuUbQB0SX5JInTFALopuFp7BriKMQMj7OUhrsknA5wewNka + hPsMXQeuZqIxTgl4+zE1ryyzKD8P0oCECKWUQperQLjEhF5Zfgn1JlIhhsENBdqUkVgclg+eUoLN + 3QLzAcTJ1TAmtDoi2wHgpT36MHN1lHITK4JSi0tzQAYjeRY8GVRU4lgC8ThoUho0YQTyOlwcVbMR + im6oBrBra2trAQAAAP//AwC//yv3HSUAAA== + headers: + Atl-Request-Id: + - d80393f0-c8d6-4dbb-b06c-68814984b3ef + Atl-Traceid: + - d80393f0c8d64dbbb06c68814984b3ef + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:33 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=299,atl-edge-internal;dur=14,atl-edge-upstream;dur=286,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 1da1d0b1a01cc131cc1a1d6f87430d82 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQX0vDMBTFv0teXbv8abc2bzLBKTqFdi+KSJrcYjVNSpMOxth3N8Ghe1TfLvf8 + zj2He0CNcLAdNeLozfvB8flcQQvSK/tuU+G1cK4TJjXg0Qypzg1a7P/BVzDuOgkK3Mca9LAC42H8 + 65GVNa2ewEj4nXMHo+usCTDBmKQ4xUm1uXys1g/1j7qZ+iZMiD9HaIZn+CVkwqDtvg8t6/0Q01ba + TiqYmqnT6suCeDDQ5fK0vBI+ghTTLCE0IWVNKGeEE5ZijC9wgIPfhT/AWHf9OctwTQpOMs5YWtLy + m5X9jWltAHGW44zRhWBNU+RFSfKSqJwyKWkBakEEtEJki+YswOuYcNuNIr4w6JP2d1aKuD4gfZoQ + mNdthY7nxZ6sicr1fY2OnwAAAP//AwAr8WPzIAIAAA== + headers: + Atl-Request-Id: + - b7cdaa61-5afe-4562-aefd-97a5684e5692 + Atl-Traceid: + - b7cdaa615afe4562aefd97a5684e5692 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:33 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=184,atl-edge-internal;dur=32,atl-edge-upstream;dur=155,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 89433fd5d072dee7df29a3909871d4bf + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 37e95857-514d-4576-baa6-a78e6ad0c798 + Atl-Traceid: + - 37e95857514d4576baa6a78e6ad0c798 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:34 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=303,atl-edge-internal;dur=15,atl-edge-upstream;dur=289,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 21c72ac11ff6eb2264d42be0fa541413 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: pg:5.1.0", "description": "\n\n\n\n\n\n\nA group of + Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: pg:5.1.0|http://localhost:8080/finding_group/359] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [2222Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236] | Active, + Verified |\n| High | [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/234] | Active, + Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [2222Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < + 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= + 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 + < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]\n*Defect + Dojo link:* http://localhost:8080/finding/236 (236)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, + < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < + 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= + 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 + < 7.1.2)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/521\n\n\n*Reporter:* + [(admin) ()|mailto:]\n", "priority": {"name": "High"}}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '7143' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue + response: + body: + string: '{"id":"15998","key":"NTEST-1586","self":"https://defectdojo.atlassian.net/rest/api/2/issue/15998"}' + headers: + Atl-Request-Id: + - b4134387-e6da-4096-89be-5e60cf114bed + Atl-Traceid: + - b4134387e6da409689be5e60cf114bed + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:35 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=662,atl-edge-internal;dur=12,atl-edge-upstream;dur=651,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 6972c7f69c901e2b0ee8ed2e31176648 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1586 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+dVKJl45InOl0XEdJnLquKyvJg+PxQOSKREwCLADqaJz/3l1S + lGI7Smt3GnvGxLUHdr/9sP7kwLrkMnEiR4NMQEPyUkCemI7kBZiOiTMoeEeVoLkVSpoOJMIWYHkn + zrhMIVdpZwna4B4kUyg1GJB2ezaujFXFghReB74f+K6GPyswdrYp4Vzz2IoYnI4jyH4wGI9HODGQ + L3CaWVuayPMSWEBsE/VRudzm3BjBpSvBemjJerwUXugJYyrwWgU3sEH5s9nkYtYNBqMhLtUuGCf6 + 5Bj0rTIxt5AqvWnukOAMJUI/7HeDsNvzZ8EoCvpRb+D6o+BH9NsnJ8mIRcdrNU90kuQ91OeHu2tv + JwmYWIuSAoerR8wUPM87LBHGChlbVgqIgakFWyl945J0rORbnT/Si0oKShfPr/mSW669pYCVV7u1 + d3C7Ffi9YPSzEX/BTwWmvSrQKsECTc64uaFcVXNLo2jBcwMdpxE8wXvVsh0nEwgcHWebU1gC+up/ + 7jhWILJKRIkTyQrv6NyDSc8/tBG0G6VWH/GqT8zEVrrOQ53ZNg80+QI9++u+lcJaVGCcnW2C8K/1 + WaMWdsU1AdmIoswFOpzcCwkmqoZff7Tujx7p7jdS1t5kl7C+/xzdCPvrsP//WmlgUYMUDQbDdTD8 + HgbXrcVeuO6F38PiFvmfPz+EY3gIp712YyHW7xpyxOxfXiEa0lRDinzzj0UwaDfwAiqvGl74+tHh + oY3nBzbCgxujQxvjh+40tNmsEinVL4QTdQOccosPR0O4j6/Phs73BO416jRVXz08VhUFLiBSfk8L + QqZOZHUFmCVUat9hYqkGG+dqfaRfi7iJ46cHa+QrCptMVXnyQpgy55ttDVPmNeBliSYePhJ99/n+ + kbgftkNUFu6o7P7GDlSlFkoLu3liEFtxr35p/v1bIQqegvFIwrRKBC5kIs1cs0z3pPgaV1r2DJ2H + 9RHuyiDncyD+owq43xMcAm9wCKPBiCKScTMpRXwq5M1L2nkBJfUvMm6zVudyVe/tVqSSE2xf+DyH + KXDTIEFvR8756dtXJ2fXpyfHk7OLyfVkOv19ivfDOjUYEjwwy4CdI9FLy8guE4YpmW8YkobISSmz + ir0RmrNzDQWyBqsMotb9GnkEWFCOfyt8v0zmkdO8ipg9DP++qu6wBSYiFZLn9w9tu69teGtc5+hd + SziY2VTC7nRVUtkeQvJoOGyR3DRKTwRfI7x7YO/2No/D4x5vv/D4BtvNFnKt8sbW8baj+08Ot21h + UzNoJGz7AQkrqm6VK33WeDPPK+imGlli3xQp9kI1yVZFiQ2xtF8H/eAQLQx2tPCtjN8N5wf55e8R + S7WqSmoUXwqZIDEahrXC5gCSlZXJIKlRejI9ou8cmJBLMkAwSxj+K8Dw0YIkImVZ6LJXpO6DfFZ/ + n0XscqdWyIiVaTRwA9e/pWBjrHMV8zxTxkYjf+R7i+bsde2T1xuMr1CKXV5AXBE3sddq1bXqgDC+ + yUmFb3J4xTx2GRjL/qi4tqDZRKZYkQXG94Ao7A54QS19dv4bO6qw9tlFzOUBKerwvLF/1UTy9pZd + YNNa+4nj43eT+vO++bQJpsn2iafhTFikARKtAYUjVMSIKdktu0Qd3RBLvxsM/VFYe0EAlcvEldjn + u6laessqlwhZi5Ti3T1/RSrG/Z1YvAK3EFaDq3TqYVlzgrrAVpXowBv33cwWOUmVKf6p80QqQvyZ + QqEs4DUSYJM1poNkWJf9cJ7+DQAA///sWN9v2zYQ/lcOCBDImkPPsmxjDvwQJH3YsBbD0u5lHmBF + ZmJtsuToR5qi6/++70iKomKrRZM9Jgkc+Y5HHr873n3UkE7T6pwCMR6LgOj0rjpf0kT8CGOlmIiZ + CKlRhK0iFFMxb+TTVj4VmKuRz1o5P05bOXtn5GMxa+VBKw/c8ZNWPhGTVh628rDdwLxdlx8duV2X + H4NBT26YTB4FkxkjegHS8CCHHHpF9+lYnOffGWcz/v+K82uMnx3jsC/GKIRNUVj4Kt4sI/+qlnSF + CgrhL+guFPw0JDTYKXWrc/O7HQtbntX3iXg9ly+M2Qx1279SvR5t+O+cmAUhHt+0Iw8fg2OR/Wpc + yUcvgPxP/Dt7xnHFgjj3aoKXtYVuavnXeV3EEumVSp8b9Bn66C4pJeO6v3MGXrU0wke7t8si90rT + oEWSj6LNQ1KCiuAOMA0CMIxbhhjHoSGezDXW+7s1gdTBv4wiKnQax5zG0qYx70EW0U2Sck+ttlFF + eYyFSvq4BTupQK+NIaN2E5WS8oLucU/7RLgrx3wKS8weF9EtOwA6Vu8yYvYl1EEDQS8kgaFT9TFv + TGIqY5lFuMkwZcFSSbwlEAGw9zT5R4K/32KVCG7v92kSq1eXhho1DqcS+ODI8gXAHaW3Bp/qrIxu + USqY75+VNQ+Bf+V9apYzyJS0i2Cc5GAGjvOlWGXB4ewwyoB0yc7APVx5C7BFzGvRYbZmfYgMUoWs + 6iJDbuOprNOK0XV8wLijTggG8OQEV5cc8cTfZZ7Fcl+tsvV6vcr4OljRZ7rEzsB6vtCS+F1uUkjv + 9OQxmCO19P9BMzbWI5cE7mzMPFaqJ2E2x5LGgOFa0vr6za9vLt/TmC6u6fS+zqvzFX705CNfS3AI + j6n90Qrn8gfeapmnUuC24CH7Y9zghMweBn+xN6DQMMlGI229Vg5opxSAHvwYkieLYsgIDmjJJ4c+ + Y2azJ8y1Yce/DAw49IdNFHoL0op8IT5qrrx5D7TolHEwxZ5CDk1fKbdGB8Xcag7KuaN5UtAdzZOS + 7mieFHVH86SsW81BYXc03dIOnH5TL3g2DUgLM9KAZFDBfA5cjJHBhBdy4WKMDChG1cDFGFlQHE3T + 8hpUOioGyaLS0TBIFpWOhkGyqHQ0DJJFxdFokCwqHY0GyUkm4LVFJnFKnmnCtzgs9HxXWfAHuhO+ + XcR8DpCY9Q2Ov+kBbxN18zMtwLdXmUA8iscFfVBvC7gAmWLfhAQVM4WmEK7RpM9IR+uoTdhno8N4 + 1GbaZ6MDfNRm1mejI2JtyKN33IFUd7IdTiXBUEd8qMquDjG3migtc9rrBBbEPMIuOu9bVIX064ua + hECXOljAxO7n3T6KK47bu5wS9YWQAg/JRm7aNo+Bv4MUFRLVvPyePm9M9zlfuZmmeNFml2QD8gb/ + 7kBDqnxhqcdRPvvKZZ0D7Ba8b3PZ8JlcNmQuG76My/4HAAD//6JKW5bcri9yuqV1W9ZwtC1bAAAA + AP//7JrZasMwEEV/pRTyKNeL4qUQ0gRa0l/I21iSm5J4wQv9/WosW8Rq1JY+GWrIQ4g09mRi3Vy4 + Z/Gyi5ddvKxF1ifebCLsE292Le2Llx3ntXjZxcvOw8t6uvQHL/s1v1/rCNuMb20JnkdtCxrowGiv + rYGde2oBqQNjK9WwhbHg6muYC7YU3dUp+jge20Yb+eHqZiZptJlJQtsCO2HiphLPpstzwDj2/mZe + iKNGpqKs/xjYojvZAmNIgrzyTeRJJ+uugp0I4zANKRA38yNCM1iTJIlcwsOMiyhLqQgw3NWV8raq + 9vGXlQKflx3nspcGe4a6vPCnq5ZZiZzc99hX/2MI561W27BmRI+CLOB+KjiEUQwigIRnQJOYpRAm + jHrelm/6q8jvuvJf5EvVkRyKIfIkRH3UOF1DPuTIiO9gluootcSZkgqgwZHK+t7Ny3Mp3x72hDpV + gRG7iZDNv2OTQZt/xybDNveOpVJxRUYNDMShf/jv9hcozqJoTu9Vf7QwNlM4lhK7Y1ng7ueuLivx + cJQyxBAcGs4ggpRyVZ90vM3Ald6mJ6hNe6kNqqI2Uo9qfa+HP4f/K0efAAAA//8axAlvtDiih4tH + iyNcxRF6qQFv48GbRECnp0OyYDVogTiUbQC0ML8kEbruHd0UnI05nMUYzlaeEfaCEtcSSgNczVpQ + qYBVwgBXs9YYlw5jeLsxNa8ssyg/D9I2hAillEI3XUC4RIVefi7EhGoYE1o7kFFaI+0X0YeZq6OU + m1gRBBllQrEbvMKwqMSxBOKOMmDnhtxlkRgLmyGGwQ0F2pWRWByWD16gCVt7DFpaDVr2CLIS7hBU + 1xqhOBeqARw8tbW1AAAAAP//AwCOce734zMAAA== + headers: + Atl-Request-Id: + - 280ca78e-37a4-4a69-8e40-d91793d25780 + Atl-Traceid: + - 280ca78e37a44a698e40d91793d25780 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:35 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=312,atl-edge-internal;dur=35,atl-edge-upstream;dur=274,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - e4fe957377af661e38d0343b353d8285 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xX6VPbRhT/V3b0qZPaunxE1kynQ4mT0FJKjUk+EIZZS8/SBmlX3V35aOB/71td + DhhnCp0GZtBe7/69gy8WbArKYyu0JPAYJMRvGWSx6nGag+qpKIWc9kQBkmomuOpBzHQOmvailPIE + MpH0ViAV3kE8g0KCAq6bt1GptMiXhuGN57qea0v4qwSl59sCziWNNIvA6lnMyPdGk0mAGwXZErep + 1oUKHSeGJUQ6Fp+FTXVGlWKU2xy0g5K0Qwvm+A5TqgSnZXALW6Q/m08v5n1vFIzxqFJBWeEXS6Fu + pYqohkTIbW1DjDuk8F1/2Pf8/sCde0HoDcPByHYD70fU2zVKGiEaFa/YvFBJQ+8gP9fvzG42MahI + ssI4Dk+PiMpplvVIzJRmPNKkYBABEUuyFvLWNtSR4Jcye6YWJWcmXDS7oSuqqXRWDNZOpdZOwebK + cwde8LNif8NPOYa9zFGqgQWKnFN1a2JVLrRZhUuaKehZNeEJ2lXR9qyUIXBklG5PYQWoq3vfszRD + ZBWIEivkJdpoPYLJwG0vCik+o0UvdHhDXbm7CmDrbrP5CiQ7qy450xoZKKuTbZD6W/VWiaVeU2nw + qlheZAwVjh9ZjvGoUDYMNsPgmep+IzKtJV1chu5rVMMfbvzh/yuljn6FRRTojTfe+HsI3LQSB/5m + 4H8PiQ3A7+/34egdwqnfXizZ5kNdAzH6V9f7LwftS5okEhKsN3tJgAaIrKzT/2lxo0MX40MXrw9c + +AcvgkMXk30967JZn5qiVHUIK+x7Ta00IZEsqk36sndmEgW9rVJRZvEbpoqMbpt0wuM11dh66pL9 + /NSvG8KuBTg1O2kSu1oei9K4vlL1ozlgPLFCLUsjG5nqD4gZk96NNySgsaZ+7DeJof161yQeu60r + ZY8vDoHK70BVSCYk09sXuqAld6pO8+97BctpAsoxFKplwvAgZUlqq1Wyq5bv8aQtq761nzh+h/qM + LsAUxidSw9STJx3hHcKoFxiPpFRNCxadMn771ty8gcLMLzxqMVQha13ddSdc8CmOL3SRwQyoqnEp + m5V1fnr57uTs5vTkeHp2Mb2ZzmZ/zNA+zFOFLsEH8xTIOXYAromRS5gigmdbgtWEZYYp0YL8yiQl + 5xJyLCekVIg5+6mq4mFCWe4dc90iXoRW3RUxeuj+XVY9qBYYiIRxmj1+1ExfjXsr5GeoXbM3kU04 + dK/LwqTtISQH43GL5HpQeiH4auKu8z6cbZ6Hxx3efqHRLY6bLeRa5rWs42ai+08Kt2NhnTMoxG8H + BQ5rk90iE/Ks1maRldBPJNas3VAkyBtRB1vkBQ7EXD8N+lFXFr4V2MdEXcl46M5P/OvfI5JIURZm + UHzLeIxlTRHMFbIA4KQoVQpxhdKT2ZH5LoAwvjKSDcxigv8KEOxmEIeGWerb5J1h94m/qr6vQnLV + sWU8JEUSjmzPdu+Ms9HXmYholgqlw8ANXGdZv72pdHIGo8k1UpGrC4hKU5vIe7Hua3GAGJt1XGKz + 9q+JQ648pcmfJZUaJJnyBDMyR/8eIIXugeNV1Gfnv5OjEnOfXESUH6Ayo58zca9rT97dkQscWis9 + cX38YVp9PtafNsBm0/R+s5wzjWXAkFaAwhUyIqZSkjtyhTz6PqZ+3xu7gV9pYQDKV7HNcc63E7Fy + VmXGEbIaS4rz8P21YTEZdmTRGuycaQm2kImDaU0N1BnOsKYcOJOhneo8M1RFgn+qOBkWPv7MIBca + 0IwYyHSD4TA0pE9+OE/+AQAA///sWN9v2zYQ/lcOCBDImkPPsmxjDvwQJH3YsBbD0u5lHmBFZmJt + suToR5qi6/++70iKomKrRZM9Jgkc+Y5HHr873n3UkE7T6pwCMR6LgOj0rjpf0kT8CGOlmIiZCKlR + hK0iFFMxb+TTVj4VmKuRz1o5P05bOXtn5GMxa+VBKw/c8ZNWPhGTVh628rDdwLxdlx8duV2XH4NB + T26YTB4FkxkjegEK8yCHHHp1D6BjcZ5/Z5zN+P8rzq8xfnaMw74YoxA2RWHhq3izjPyrWtIVKiiE + v6C7UPDTkNBgp9Stzs3vdixseVbfJ+L1XL4wZjPUbf9K9Xq04b9zYhaEeHzTjjx8DI5F9qtxJR+9 + API/8e/sGccVC+Lcqwle1ha6qeVf53URS6RXKn1u0Gfoo7uklIzr/s4ZeNXSCB/t3i6L3CtNgxZJ + Poo2D0kJjoI7wDQIwDBuGWIch4Z4MtdY7+/WBFIH/zKKqNBpHHMaS5vGvAdZRDdJyj212kYV5TEW + KunjFuykAr02hozaTVRKygu6x63xE+GuHPMpLDF7XES37ADoWL3LiNmXUAcNBL2QBIZO1ce8MYmp + jGUW4SbDlAVLJfGWQATA3tPkHwn+fotVIri936dJrF5dGmrUOJxK4IMjyxcAd5TeGnyqszK6Ralg + vn9W1jwE/pX3qVnOIFPSLoJxkoMZOM6XYpUFh7PDKAPSJTsD93BhLcAIMa9Fh9ma9SEySBWyqosM + uY2nsk4rRtfxAeOOOiEYwJMTXF1yxBN/l3kWy321ytbr9Srj62BFn+kSOwPr+UJL4ne5SSG905PH + YI7U0v8HzdhYj1wSuLMx81ipnoTZHEsaA4ZrSevrN7++uXxPY7q4ptP7Oq/OV/jRk498LcEhPKb2 + Ryucyx94q2WeSoHbgofsj3GDEzJ7GPzF3oBCwyQbjbT1WjmgnVIAevBjSJ4siiEjOKAlnxz6jJnN + njDXhh3/MjDg0B82UegtSCvyhfioufLmBdGiU8bBFHsKOTR9pdwaHRRzqzko547mSUF3NE9KuqN5 + UtQdzZOybjUHhd3RdEs7cPpNvZ7ZNCAtzEgDkkEF8zlwMUYGE17IhYsxMqAYVQMXY2RBcTRNy2tQ + 6agYJItKR8MgWVQ6GgbJotLRMEgWFUejQbKodDQaJCeZgNcWmcQpeaYJ3+Kw0PNdZcEf6E74dhHz + OUBi1jc4/qYHvE3Uzc+0AN9eZQLxKB4X9EG9LeACZIp9ExJUzBSaQrhGkz4jHa2jNmGfjQ7jUZtp + n40O8FGbWZ+Njoi1IY/ecQdS3cl2OJUEQx3xoSq7OsTcaqK0zGmvE1gQ8wi76LxvURXSry9qEgJd + 6mABE7ufd/sorjhu73JK1BdCCjwkG7lp2zwG/g5SVEhU8/J7+rwx3ed85Waa4kWbXZINyBv8uwMN + qfKFpR5H+ewrl3UOsFvwvs1lw2dy2ZC5bPgyLvsfAAAA//+iSluW3K4vcrqldVvWcLQtWwAAAAD/ + /+yay26DMBBFf6WqlKUpDwdCpShNpFbpL2Q32KapEh7iof5+PZhYxInbqisWllgg8OBhsIcr3eO0 + rNOyTsta2vqVNrtq7FfabNranZa91MtpWadl56FlAx36i5a99e+X2sI27VubsR/QqbXXNcBOA1qA + qIM51AZ0+LYbVFMYZoR20S9VsA20ueq+jfzw9ZzQdcCOaKqN1vLUnTbNy7YvCkA79vGuX4ilRqai + av5p2KI62QBjyHG883USSCXrL6KtiFdxFlMgfh4mhOawJGma+ITHORdJnlERobmrI+W0Kvb5j5EC + 18uWc5lLizlDU535yyRlViEn9zMPNnwl4X00ahjGXJikKI94mAkOcbICEUHKc6DpimUQp4wGwYav + h6fId12Eb/JQcaSAcrQ8CVGXWq9vyZcsGQk99FI91S2xpqQGaLGkMn5Q83JfytP9jlCvLtFiN9my + +Wdswmnzz9iE2+aesWxhXHFaIwOxHxb/w+4M5UmU7fGzHrYW2mYKplJd8FCVOPq1b6paPB1kf2II + Do17EAlLeVfvdJxm5Erv0xPU1nupDaqiGqpqxn+A6zo36+sbAAD//xr49DVa6tDDxaOlDq5SB73U + wNX4M4G38eBNIKCf0iF5sxq0chzKNgC6JL8kEbruHd0UXK08A1zFmIER9vIQ1xJKA5wewNkKhPsM + XQeu5qExTgl4uzE1ryyzKD8P0nCECKWUQjddQLjEhF4ZsFNB7nJEjOXAEMPghgJtykgsDssHL4yE + rUAG5gOIk6thTGh1RLYDwBtU9GHm6ijlJlYEQYa1UDwLXtJYVOJYAvE4aGk1aNkjyOtwcVTNRii6 + oRrArq2trQUAAAD//wMAO5wx+uMzAAA= + headers: + Atl-Request-Id: + - 4ff5f7ff-8d18-4bbf-85bb-508cd0066144 + Atl-Traceid: + - 4ff5f7ff8d184bbf85bb508cd0066144 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:36 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=333,atl-edge-internal;dur=13,atl-edge-upstream;dur=321,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 8b7531b317452184ec57e0570a191a71 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQX0vDMBTFv0te3br8abs2bzLBKTqFdi+KSJrcYjVNSpMOxth3N8Ghe1TfLvf8 + zj2He0CNcLAdNeLozfvB8cVCQQvSK/tuE+G1cK4TJjHg0Qypzg1a7P/BVzDuOgkK3Mca9LAC42H8 + 65GVNa2ewEj4nXMHo+usCTDBmCQ4wfNqc/lYrR/qH3Uz9U2YEH+O0AzP8EvIhEHbfR9a1vshpq20 + nVQwNVOn1ZcF8WCgy+VpeSV8BCmm6ZzQOSlrQjkjnLAEY3yBAxz8LvwBxrrrz1mGa1JwknKWJ6zM + vlnZ35jWBhCnGU4ZzQVrmiIrSpKVRGWUSUkLUDkR0AqR5s1ZgNcx4bYbRXxh0Cft76wUcX1A+jQh + MK/bCh3Piz1ZE5Xr+xodPwEAAP//AwChsT7JIAIAAA== + headers: + Atl-Request-Id: + - 27fe2f1b-9f83-4045-9322-bc366f157577 + Atl-Traceid: + - 27fe2f1b9f8340459322bc366f157577 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:36 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=158,atl-edge-internal;dur=14,atl-edge-upstream;dur=145,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 353d6b4edab9302c92df895fa2d603ed + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 2dbf8a5e-2f13-43f7-9e80-bdc5ba5213e0 + Atl-Traceid: + - 2dbf8a5e2f1343f79e80bdc5ba5213e0 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:36 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=305,atl-edge-internal;dur=19,atl-edge-upstream;dur=287,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - a3ecf719596af998b017df96c3a71903 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: fresh:0.3.0", "description": "\n\n\n\n\n\n\nA group + of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: fresh:0.3.0|http://localhost:8080/finding_group/360] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2017-16119|https://nvd.nist.gov/vuln/detail/CVE-2017-16119] + | [400|https://cwe.mitre.org/data/definitions/400.html] | fresh | 0.3.0 | [Regular + Expression Denial of Service - (Fresh, < 0.5.2)|http://localhost:8080/finding/235] + | Active, Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [Regular Expression Denial of Service - (Fresh, < 0.5.2)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2017-16119|https://nvd.nist.gov/vuln/detail/CVE-2017-16119]\n\n\n\n\n\n\n*Source + File*: express>fresh\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/526\nAffected + versions of `fresh` are vulnerable to regular expression denial of service when + parsing specially crafted user input.\n Vulnerable Module: fresh\n Vulnerable + Versions: < 0.5.2\n Patched Version: >= 0.5.2\n Vulnerable Paths: \n - + 0.3.0:express>fresh,express>send>fresh,express>serve-static>send>fresh,serve-favicon>fresh\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.5.2 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/526\n\n\n*Reporter:* + [(admin) ()|mailto:]\n", "priority": {"name": "High"}}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '1974' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue + response: + body: + string: '{"id":"15999","key":"NTEST-1587","self":"https://defectdojo.atlassian.net/rest/api/2/issue/15999"}' + headers: + Atl-Request-Id: + - 40223e0e-b863-4edc-adf6-50bb7ae7846f + Atl-Traceid: + - 40223e0eb8634edcadf650bb7ae7846f + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:37 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=681,atl-edge-internal;dur=17,atl-edge-upstream;dur=668,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - ccdc5d5cea4d44b84753189f473cdb30 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 201 + message: Created +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1587 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSbbMmU7HtZXEreu6spI8OB4PTK5IxCTAAqCOxvnv3SVF + KT6Y1u40owfi2gO7335YfXZgVXKZOJGjQSagIXktIE9MT/ICTM/EGRS8p0rQ3AolTQ8SYQuwvBdn + XKaQq7S3AG1wD5IplBoMSLs5G1fGqmJOCq8D3w98V8OfFRg7W5dwrnlsRQxOzxFkPxgdHBzgxEA+ + x2lmbWkiz0tgDrFN1CflcptzYwSXrgTroSXr8VJ4oSeMqcBrFdzCGuXPZpOLWT8YjfdxqXbBONFn + x6BvlYm5hVTpdXOHBGcoEfrhsB+E/YE/C8ZRMIwG++5oMPoB/fbJSTJi0fFazQudJHkP9fnh9tqb + SQIm1qKkwOHqITMFz/MeS4SxQsaWlQJiYGrOlkrfuiQdK/lO58/0opKC0sXza77glmtvIWDp1W7t + HNxsBf4gGP9kxF/wY4Fprwq0SrBAkzNubilX1Y2lUTTnuYGe0wie4L1q2Z6TCQSOjrP1KSwAffW/ + 9BwrEFklosSJZIV3dB7AZOB3bQTtRqnVJ7zqCzOxka7zUGe2zQNNvkLP7rrvpLAWFRhna5sg/Gt9 + 1qi5XXJNQDaiKHOBDicPQoKJquE3HK+G42e6+42UtTfZJmzoE9zD4Soc/r9WGljUIEWDwd4q2Pse + BletxUG4GoTfw+IG+V++PIZj2IXTQbsxF6v3DTli9i+vEA1pqiFFvvnHIhi1G3gBlVcNLzx9dK9r + Y79jI+zcGHdtHDx2p6HNZpVIqX4hnKgf4JRbfDgawn1+fTZ0viNwr1Gnqfrq4ZGqKHABkfIHWhAy + dSKrK8AsoVL7HhNLNdg4V+sj/VrETRw/P1ojX1HYZKrKk2NhypyvNzVMmdeAlyWaeOqRCMNB+0g8 + DFsXlYVbKnu4sQVVqYXSwq5fGMRW3Ktfmn//VoiCp2A8kjCtEoELmUgz1yzSHSm+xZWWPUPncX2E + 2zLI+Q0Q/1EFPOwJusAbdGE0GFNEMm4mpYhPhbx9TTvHUFL/IuM2a3Uul/XedkUqOcH2hd/kMAVu + GiTozcg5P3335uTs+vTkaHJ2MbmeTKe/T/F+WKcGQ4IHZhmwcyR6aRnZZcIwJfM1Q9IQOSllVrFf + hObsXEOBrMEqg6h1nyKPAAvK8e+E75fJp8hpXkXMHoZ/V1X32AITkQrJ84eHNt3XJrw1rnP0riUc + zGwqYXu6KqlsO5E83m+R3DRKLwRfI7x9YO/3Ns/D4w5vP/P4FtvNFnKt8sbW0aaj+08Ot21hUzNo + JGz7AQlLqm6VK33WeHOTV9BPNbLErilS7Fg1yVZFiQ2xtE+DftRFC6MtLXwr4/fD+VF+/TtkqVZV + SY3iayETJEbDsFbYDYBkZWUySGqUnkwP6XsDTMgFGSCYJQz/CjB8tCCJSFkWuuwNqfsoX9XfVxG7 + 3KoVMmJzjGEW+e7A9e8o3hjuXMU8z5Sx0dgf+968OX5du+UN9vwrFGSXFxBXRE/srVr2reoQxmc5 + qfBZDq+Yxy4DY9kfFdcWNJvIFIuywBB3iML2gBfU0mfnv7HDCsufXcRcdkhRk+cd+FdNMO/u2AX2 + rbWfOD56P6k/H5pPm2OabF55Gs6ERSYg0RpTOEJFjMiS3bFL1NEPkdz6wV4QHNReEEblInEltvpu + qhbeosolotYiq3j3z1+RiqHfxJrk4iW4hbAaXKVTD0ubE9wFtqtECR4edTNb5CRXpwq/dbJIzxTS + KucYyhX9a6vdPwYp/gYAAP//7FnbTttAEP2VFVJREsXGsZ0rQjQoRVCJqipqH+gLG++auHXiyHHC + Q/n4nllvlsRkaUvVKg8IlMvOXsYzs2fOTHhKwXMt8xWKM+aw2jktbLLDtDjG4rbr1y3G064+8oM2 + HThEYl3JJtlGUWL2QDZtrC06aCij0BhrjJaSjRCBGHyP28n8fpMBoNpsO7rXf5OWa8JbfQ/cf/w8 + UHykcARX/FvGCGGh6y/XsRpe6rue+tlnZg0EGca/4s15kb9xJEJHbfF3Ebdt+MZ1tsxhxvMklQAD + WZr68K44VuG1MXH0CFINgIk5NgN66bvvJtkRF6tkAaADw2j7HeBXTEZGsKzTGjnvVm1+y5B7GamK + mlJn21z7XCtCPhfG5wvt8/sJYR/HfrM7BtIdQY60HeU8ppMoSQOT5svCheW/PO5/BfBJpQa5bdGa + 1Q82wggzPiqiKtZiSGGZEyPe2AAzJ1iNQYSkupKDqjGbGwMLkBuLIF9Jh9JXEj2dWEpjvqKEu+El + wrABvVBw4eswirDfAAlinCaR9uBVorKCduBnRRzI5toz5VOxLGcpBLlrPH85nfOooDUfMpaoLwxA + vkqEFFux9AkXCmwKR/9JhOil84zyAAV4jYtpMquzWv1higAusgGC9ikXbxs6WqVitmzcCm0CU5xR + mi5yEBNVgVAFUZkamsKpIvDMHlWBjRF7hhGvzWObaKviPKPMFrOs8gteFDyaUOos2ctiOZ1yolYH + ttxP1qYSKctfyL/oDp7yKKLC7lKcdFsAQu9NMJSdXmfcCbnjxX7XCWPedvr9rueITixkNx6HMiCu + Zlbi2HLt4DdXSgqZoRB0n0hnnmepeLuhMqgcHfBsF0f5Q7pgg2oarVl3EoI4EP5YCt7p9rgMeF/E + POz3ojHv9KOw1ToVJ2oXPOsb/xz/5TpnymeavjhOObRwlwvnHiZzfJd4kVteVrKpM+d8QSbFepUL + UO7g48WZE7rzGTHmakdo/zWutpT2X+NqS2rfNQZYibLRoUuaCxX87Czls+9ytpgkc3W1iMWV3ZUS + 727AejH73TLP5vLoBkgUUR9A30Hqi0Jqbjodo9vEu4uh0Aa/oa1HEtoab6GB+Fznh1c42sPAe4Wj + /6HxKxzZ4KiKGobmGVYE1e/KK/iDfu/Rnz0cmBVc/4xV3cXK56wwZiV6/m6gtHVEPRuzJVTYKfBs + zDboHfwEAAD//8IhAW86puaVZRbl50GahxChlFLoHCqES1To5edCTKiGMaG1AxmlNdL0rz7MXB2l + 3MSKoNTi0hyQwUh2gwcMi0ocSyDuKMsvod48BcQwuKFAuzISi8PyweOtsKkE0EwJaBQTZCXcIaiu + NUJxLlQDOHhqa2sBAAAA//8DAHg6ZrGyHwAA + headers: + Atl-Request-Id: + - 4f077939-7f23-46e5-83d9-69da48a7ed15 + Atl-Traceid: + - 4f0779397f2346e583d969da48a7ed15 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:37 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=281,atl-edge-internal;dur=13,atl-edge-upstream;dur=268,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - e5c85f349a5c18f5462bc73d1dc1807b + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15999 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSbbMmU7HtZXEreu6spI8OB4PTK5IxCTAAqCOxvnv3SVF + KT6Y1u40owfi2gO7335YfXZgVXKZOJGjQSagIXktIE9MT/ICTM/EGRS8p0rQ3AolTQ8SYQuwvBdn + XKaQq7S3AG1wD5IplBoMSLs5G1fGqmJOCq8D3w98V8OfFRg7W5dwrnlsRQxOzxFkPxgdHBzgxEA+ + x2lmbWkiz0tgDrFN1CflcptzYwSXrgTroSXr8VJ4oSeMqcBrFdzCGuXPZpOLWT8YjfdxqXbBONFn + x6BvlYm5hVTpdXOHBGcoEfrhsB+E/YE/C8ZRMIwG++5oMPoB/fbJSTJi0fFazQudJHkP9fnh9tqb + SQIm1qKkwOHqITMFz/MeS4SxQsaWlQJiYGrOlkrfuiQdK/lO58/0opKC0sXza77glmtvIWDp1W7t + HNxsBf4gGP9kxF/wY4Fprwq0SrBAkzNubilX1Y2lUTTnuYGe0wie4L1q2Z6TCQSOjrP1KSwAffW/ + 9BwrEFklosSJZIV3dB7AZOB3bQTtRqnVJ7zqCzOxka7zUGe2zQNNvkLP7rrvpLAWFRhna5sg/Gt9 + 1qi5XXJNQDaiKHOBDicPQoKJquE3HK+G42e6+42UtTfZJmzoE9zD4Soc/r9WGljUIEWDwd4q2Pse + BletxUG4GoTfw+IG+V++PIZj2IXTQbsxF6v3DTli9i+vEA1pqiFFvvnHIhi1G3gBlVcNLzx9dK9r + Y79jI+zcGHdtHDx2p6HNZpVIqX4hnKgf4JRbfDgawn1+fTZ0viNwr1Gnqfrq4ZGqKHABkfIHWhAy + dSKrK8AsoVL7HhNLNdg4V+sj/VrETRw/P1ojX1HYZKrKk2NhypyvNzVMmdeAlyWaeOqRCMNB+0g8 + DFsXlYVbKnu4sQVVqYXSwq5fGMRW3Ktfmn//VoiCp2A8kjCtEoELmUgz1yzSHSm+xZWWPUPncX2E + 2zLI+Q0Q/1EFPOwJusAbdGE0GFNEMm4mpYhPhbx9TTvHUFL/IuM2a3Uul/XedkUqOcH2hd/kMAVu + GiTozcg5P3335uTs+vTkaHJ2MbmeTKe/T/F+WKcGQ4IHZhmwcyR6aRnZZcIwJfM1Q9IQOSllVrFf + hObsXEOBrMEqg6h1nyKPAAvK8e+E75fJp8hpXkXMHoZ/V1X32AITkQrJ84eHNt3XJrw1rnP0riUc + zGwqYXu6KqlsO5E83m+R3DRKLwRfI7x9YO/3Ns/D4w5vP/P4FtvNFnKt8sbW0aaj+08Ot21hUzNo + JGz7AQlLqm6VK33WeHOTV9BPNbLErilS7Fg1yVZFiQ2xtE+DftRFC6MtLXwr4/fD+VF+/TtkqVZV + SY3iayETJEbDsFbYDYBkZWUySGqUnkwP6XsDTMgFGSCYJQz/CjB8tCCJSFkWuuwNqfsoX9XfVxG7 + 3KoVMmJzjGEW+e7A9e8o3hjuXMU8z5Sx0dgf+968OX5du+UN9vwrFGSXFxBXRE/srVr2reoQxmc5 + qfBZDq+Yxy4DY9kfFdcWNJvIFIuywBB3iML2gBfU0mfnv7HDCsufXcRcdkhRk+cd+FdNMO/u2AX2 + rbWfOD56P6k/H5pPm2OabF55Gs6ERSYg0RpTOEJFjMiS3bFL1NEPkdz6wV4QHNReEEblInEltvpu + qhbeosolotYiq3j3z1+RiqHfxJrk4iW4hbAaXKVTD0ubE9wFtqtECR4edTNb5CRXpwq/dbJIzxTS + KucYyhX9a6vdPwYp/gYAAP//7FnbTttAEP2VFVJREsXGsZ0rQjQoRVCJqipqH+gLG++auHXiyHHC + Q/n4nllvlsRkaUvVKg8IlItnZy8zs2fOTHhKwXMt8xWKM+aw2jkpNtlhWhxDue36dYvxtKuP/KBN + Cw6RWFeySbZRlJg9kE0ba4sOGsoo9Iw1RkvJRohAPHyP28n8fpMBoNpsO7rXf5OWa8JbfQ/cf3we + bHykcARX/FvGCGGx11/qsRpe6rtO/eyZWQNBhudf8ea8yN9YEqGjpvi7iNs2fOM6W+Yw43mSSoCB + LE19eFccq/DaGDh6BKkGwMQsmwG99N13k+yIi1WyANCBYbT9DvArJiMjWNZpjZx3qya/Zci9jLaK + mlJn21z7XG+EfC6Mzxfa5/cTwj6O+WZ3DKQ7ghxpO8p5TCtRkgYmzZeFC8t/eZz/CuCTSg1y26I1 + qx9shBFGfFREVazFkMIyJ0a8MQFGTqCNhwhJdSUHVWM2Nx4sQG4sgnwlHUpfSfR0YCmN+YoS7oaX + CMMG9ELBha/DKMJ8AySIcZpE2oNXicoK2oGfFXEgm2vPlKdiWc5SCHLXeP5yOudRQTofMpaoLwxA + vkqEFFux9AkXCmwKS/9JhGjVeUZ5gAK8xsU0mdVZrf4wRQAX2QBB+5SLtw0drVIxWzZuhZvZuMjB + P1ShQYVCdagp1yqC0BROFYFn0/BsjNgzjHhtHttAWxXnmc1sMcsqv+BFwaMJpc6SvSyW0yknanVg + y/1kbSqRsvyF/Ivu4CmPIirsLsVJtwUg9N4EQ9npdcadkDte7HedMOZtp9/veo7oxEJ243EoA+Jq + RhPLlrqD39SUFDJDIeg+0Z55nqXi7caWQeVogWe7OMof0gUbVMNIZ91JCOJA+GMpeKfb4zLgfRHz + sN+LxrzTj8JW61ScqFlw1jf+Of5LPWfKZ5q+OE75aOEuF849TOb4LvEit7ysZFNnzvmCTAp9lQtQ + 7uDjxZkTuvMZMeZqR2j/d1xtKe3/jqstqX3fMVBMlI0OXdJcqOBnZymffZezxSSZq6tFLK7srpRA + eAPWi9Hvlnk2l0c3QKKI+gD6DlJfFFJz02kZ3SbeXQyFNvgNbT2S0NZ4Cw3E5zo/vMLRHgbeKxz9 + jx2/wpENjqqoYWieYUXY+l15BX/Q7z36s4cFs4Lrn7Gqs1j5nBXGrETP3w2Uto6oZ2O2hAo7BZ45 + ckUQ9A5+AgAA///CIQFvOqbmlWUW5edBmocQoZRS6BwqhEtU6OXnQkyohjGhtQMZpTXS9K8+zFwd + pdzEiqDU4tIckMFIdoMHDItKHEsg7ijLL6HePAXEMLihQLsyEovD8sHjrbCpBNBMCWgUE2Ql3CGo + rjVCcS5UAzh4amtrAQAAAP//AwDNg8Y6sh8AAA== + headers: + Atl-Request-Id: + - fbf1c9e1-3b13-411d-9b12-05594b9d0a7f + Atl-Traceid: + - fbf1c9e13b13411d9b1205594b9d0a7f + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:38 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=254,atl-edge-internal;dur=14,atl-edge-upstream;dur=240,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 5ee8648a6ba691541d5e1c66d605d835 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"description": "Event test_added has occurred.", "title": "Test created + for Security How-to: 1st Quarter Engagement: NPM Audit Scan", "user": null, + "url_ui": "http://localhost:8080/test/90", "url_api": "http://localhost:8080/api/v2/tests/90/", + "product_type": {"name": "ebooks", "id": 2, "url_ui": "http://localhost:8080/product/type/2", + "url_api": "http://localhost:8080/api/v2/product_types/2/"}, "product": {"name": + "Security How-to", "id": 2, "url_ui": "http://localhost:8080/product/2", "url_api": + "http://localhost:8080/api/v2/products/2/"}, "engagement": {"name": "1st Quarter + Engagement", "id": 1, "url_ui": "http://localhost:8080/engagement/1", "url_api": + "http://localhost:8080/api/v2/engagements/1/"}, "test": {"title": null, "id": + 90, "url_ui": "http://localhost:8080/test/90", "url_api": "http://localhost:8080/api/v2/tests/90/"}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + Auth: + - Token xxx + Connection: + - keep-alive + Content-Length: + - '844' + Content-Type: + - application/json + User-Agent: + - DefectDojo-2.41.0 + X-DefectDojo-Event: + - test_added + X-DefectDojo-Instance: + - http://localhost:8080 + method: POST + uri: http://webhook.endpoint:8080/post + response: + body: + string: "{\n \"args\": {},\n \"headers\": {\n \"Accept\": [\n \"application/json\"\n + \ ],\n \"Accept-Encoding\": [\n \"gzip, deflate\"\n ],\n \"Auth\": + [\n \"Token xxx\"\n ],\n \"Connection\": [\n \"keep-alive\"\n + \ ],\n \"Content-Length\": [\n \"844\"\n ],\n \"Content-Type\": + [\n \"application/json\"\n ],\n \"Host\": [\n \"webhook.endpoint:8080\"\n + \ ],\n \"User-Agent\": [\n \"DefectDojo-2.41.0\"\n ],\n \"X-Defectdojo-Event\": + [\n \"test_added\"\n ],\n \"X-Defectdojo-Instance\": [\n \"http://localhost:8080\"\n + \ ]\n },\n \"method\": \"POST\",\n \"origin\": \"172.18.0.7:54808\",\n + \ \"url\": \"http://webhook.endpoint:8080/post\",\n \"data\": \"{\\\"description\\\": + \\\"Event test_added has occurred.\\\", \\\"title\\\": \\\"Test created for + Security How-to: 1st Quarter Engagement: NPM Audit Scan\\\", \\\"user\\\": + null, \\\"url_ui\\\": \\\"http://localhost:8080/test/90\\\", \\\"url_api\\\": + \\\"http://localhost:8080/api/v2/tests/90/\\\", \\\"product_type\\\": {\\\"name\\\": + \\\"ebooks\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/type/2\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/product_types/2/\\\"}, \\\"product\\\": + {\\\"name\\\": \\\"Security How-to\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/2\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/products/2/\\\"}, \\\"engagement\\\": + {\\\"name\\\": \\\"1st Quarter Engagement\\\", \\\"id\\\": 1, \\\"url_ui\\\": + \\\"http://localhost:8080/engagement/1\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/engagements/1/\\\"}, + \\\"test\\\": {\\\"title\\\": null, \\\"id\\\": 90, \\\"url_ui\\\": \\\"http://localhost:8080/test/90\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/90/\\\"}}\",\n \"files\": + {},\n \"form\": {},\n \"json\": {\n \"description\": \"Event test_added + has occurred.\",\n \"engagement\": {\n \"id\": 1,\n \"name\": + \"1st Quarter Engagement\",\n \"url_api\": \"http://localhost:8080/api/v2/engagements/1/\",\n + \ \"url_ui\": \"http://localhost:8080/engagement/1\"\n },\n \"product\": + {\n \"id\": 2,\n \"name\": \"Security How-to\",\n \"url_api\": + \"http://localhost:8080/api/v2/products/2/\",\n \"url_ui\": \"http://localhost:8080/product/2\"\n + \ },\n \"product_type\": {\n \"id\": 2,\n \"name\": \"ebooks\",\n + \ \"url_api\": \"http://localhost:8080/api/v2/product_types/2/\",\n \"url_ui\": + \"http://localhost:8080/product/type/2\"\n },\n \"test\": {\n \"id\": + 90,\n \"title\": null,\n \"url_api\": \"http://localhost:8080/api/v2/tests/90/\",\n + \ \"url_ui\": \"http://localhost:8080/test/90\"\n },\n \"title\": + \"Test created for Security How-to: 1st Quarter Engagement: NPM Audit Scan\",\n + \ \"url_api\": \"http://localhost:8080/api/v2/tests/90/\",\n \"url_ui\": + \"http://localhost:8080/test/90\",\n \"user\": null\n }\n}\n" + headers: + Access-Control-Allow-Credentials: + - 'true' + Access-Control-Allow-Origin: + - '*' + Content-Type: + - application/json; charset=utf-8 + Date: + - Mon, 30 Dec 2024 17:14:38 GMT + Transfer-Encoding: + - chunked + status: + code: 200 + message: OK +- request: + body: '{"description": "Event scan_added has occurred.", "title": "Created/Updated + 5 findings for Security How-to: 1st Quarter Engagement: NPM Audit Scan", "user": + null, "url_ui": "http://localhost:8080/test/90", "url_api": "http://localhost:8080/api/v2/tests/90/", + "product_type": {"name": "ebooks", "id": 2, "url_ui": "http://localhost:8080/product/type/2", + "url_api": "http://localhost:8080/api/v2/product_types/2/"}, "product": {"name": + "Security How-to", "id": 2, "url_ui": "http://localhost:8080/product/2", "url_api": + "http://localhost:8080/api/v2/products/2/"}, "engagement": {"name": "1st Quarter + Engagement", "id": 1, "url_ui": "http://localhost:8080/engagement/1", "url_api": + "http://localhost:8080/api/v2/engagements/1/"}, "test": {"title": null, "id": + 90, "url_ui": "http://localhost:8080/test/90", "url_api": "http://localhost:8080/api/v2/tests/90/"}, + "finding_count": 5, "findings": {"new": [{"id": 232, "title": "Regular Expression + Denial of Service - (Negotiator, <= 0.6.0)", "severity": "High", "url_ui": + "http://localhost:8080/finding/232", "url_api": "http://localhost:8080/api/v2/findings/232/"}, + {"id": 233, "title": "2222Regular Expression Denial of Service - (Negotiator, + <= 0.6.0)", "severity": "High", "url_ui": "http://localhost:8080/finding/233", + "url_api": "http://localhost:8080/api/v2/findings/233/"}, {"id": 234, "title": + "Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= + 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= + 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= + 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)", "severity": + "High", "url_ui": "http://localhost:8080/finding/234", "url_api": "http://localhost:8080/api/v2/findings/234/"}, + {"id": 235, "title": "Regular Expression Denial of Service - (Fresh, < 0.5.2)", + "severity": "High", "url_ui": "http://localhost:8080/finding/235", "url_api": + "http://localhost:8080/api/v2/findings/235/"}, {"id": 236, "title": "2222Remote + Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 + < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 + < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 + < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)", "severity": + "High", "url_ui": "http://localhost:8080/finding/236", "url_api": "http://localhost:8080/api/v2/findings/236/"}], + "reactivated": [], "mitigated": [], "untouched": []}}' + headers: + Accept: + - application/json + Accept-Encoding: + - gzip, deflate + Auth: + - Token xxx + Connection: + - keep-alive + Content-Length: + - '2502' + Content-Type: + - application/json + User-Agent: + - DefectDojo-2.41.0 + X-DefectDojo-Event: + - scan_added + X-DefectDojo-Instance: + - http://localhost:8080 + method: POST + uri: http://webhook.endpoint:8080/post + response: + body: + string: "{\n \"args\": {},\n \"headers\": {\n \"Accept\": [\n \"application/json\"\n + \ ],\n \"Accept-Encoding\": [\n \"gzip, deflate\"\n ],\n \"Auth\": + [\n \"Token xxx\"\n ],\n \"Connection\": [\n \"keep-alive\"\n + \ ],\n \"Content-Length\": [\n \"2502\"\n ],\n \"Content-Type\": + [\n \"application/json\"\n ],\n \"Host\": [\n \"webhook.endpoint:8080\"\n + \ ],\n \"User-Agent\": [\n \"DefectDojo-2.41.0\"\n ],\n \"X-Defectdojo-Event\": + [\n \"scan_added\"\n ],\n \"X-Defectdojo-Instance\": [\n \"http://localhost:8080\"\n + \ ]\n },\n \"method\": \"POST\",\n \"origin\": \"172.18.0.7:54810\",\n + \ \"url\": \"http://webhook.endpoint:8080/post\",\n \"data\": \"{\\\"description\\\": + \\\"Event scan_added has occurred.\\\", \\\"title\\\": \\\"Created/Updated + 5 findings for Security How-to: 1st Quarter Engagement: NPM Audit Scan\\\", + \\\"user\\\": null, \\\"url_ui\\\": \\\"http://localhost:8080/test/90\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/90/\\\", \\\"product_type\\\": + {\\\"name\\\": \\\"ebooks\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/type/2\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/product_types/2/\\\"}, \\\"product\\\": + {\\\"name\\\": \\\"Security How-to\\\", \\\"id\\\": 2, \\\"url_ui\\\": \\\"http://localhost:8080/product/2\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/products/2/\\\"}, \\\"engagement\\\": + {\\\"name\\\": \\\"1st Quarter Engagement\\\", \\\"id\\\": 1, \\\"url_ui\\\": + \\\"http://localhost:8080/engagement/1\\\", \\\"url_api\\\": \\\"http://localhost:8080/api/v2/engagements/1/\\\"}, + \\\"test\\\": {\\\"title\\\": null, \\\"id\\\": 90, \\\"url_ui\\\": \\\"http://localhost:8080/test/90\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/tests/90/\\\"}, \\\"finding_count\\\": + 5, \\\"findings\\\": {\\\"new\\\": [{\\\"id\\\": 232, \\\"title\\\": \\\"Regular + Expression Denial of Service - (Negotiator, <= 0.6.0)\\\", \\\"severity\\\": + \\\"High\\\", \\\"url_ui\\\": \\\"http://localhost:8080/finding/232\\\", \\\"url_api\\\": + \\\"http://localhost:8080/api/v2/findings/232/\\\"}, {\\\"id\\\": 233, \\\"title\\\": + \\\"2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)\\\", + \\\"severity\\\": \\\"High\\\", \\\"url_ui\\\": \\\"http://localhost:8080/finding/233\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/233/\\\"}, {\\\"id\\\": + 234, \\\"title\\\": \\\"Remote Code Execution - (Pg, < 2.11.2 || >= + 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= + 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= + 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= + 7.1.0 < 7.1.2)\\\", \\\"severity\\\": \\\"High\\\", \\\"url_ui\\\": \\\"http://localhost:8080/finding/234\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/234/\\\"}, {\\\"id\\\": + 235, \\\"title\\\": \\\"Regular Expression Denial of Service - (Fresh, < + 0.5.2)\\\", \\\"severity\\\": \\\"High\\\", \\\"url_ui\\\": \\\"http://localhost:8080/finding/235\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/235/\\\"}, {\\\"id\\\": + 236, \\\"title\\\": \\\"2222Remote Code Execution - (Pg, < 2.11.2 || >= + 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= + 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= + 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= + 7.1.0 < 7.1.2)\\\", \\\"severity\\\": \\\"High\\\", \\\"url_ui\\\": \\\"http://localhost:8080/finding/236\\\", + \\\"url_api\\\": \\\"http://localhost:8080/api/v2/findings/236/\\\"}], \\\"reactivated\\\": + [], \\\"mitigated\\\": [], \\\"untouched\\\": []}}\",\n \"files\": {},\n + \ \"form\": {},\n \"json\": {\n \"description\": \"Event scan_added has + occurred.\",\n \"engagement\": {\n \"id\": 1,\n \"name\": \"1st + Quarter Engagement\",\n \"url_api\": \"http://localhost:8080/api/v2/engagements/1/\",\n + \ \"url_ui\": \"http://localhost:8080/engagement/1\"\n },\n \"finding_count\": + 5,\n \"findings\": {\n \"mitigated\": [],\n \"new\": [\n {\n + \ \"id\": 232,\n \"severity\": \"High\",\n \"title\": + \"Regular Expression Denial of Service - (Negotiator, <= 0.6.0)\",\n \"url_api\": + \"http://localhost:8080/api/v2/findings/232/\",\n \"url_ui\": \"http://localhost:8080/finding/232\"\n + \ },\n {\n \"id\": 233,\n \"severity\": \"High\",\n + \ \"title\": \"2222Regular Expression Denial of Service - (Negotiator, + <= 0.6.0)\",\n \"url_api\": \"http://localhost:8080/api/v2/findings/233/\",\n + \ \"url_ui\": \"http://localhost:8080/finding/233\"\n },\n + \ {\n \"id\": 234,\n \"severity\": \"High\",\n \"title\": + \"Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || >= + 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= + 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= + 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)\",\n + \ \"url_api\": \"http://localhost:8080/api/v2/findings/234/\",\n \"url_ui\": + \"http://localhost:8080/finding/234\"\n },\n {\n \"id\": + 235,\n \"severity\": \"High\",\n \"title\": \"Regular Expression + Denial of Service - (Fresh, < 0.5.2)\",\n \"url_api\": \"http://localhost:8080/api/v2/findings/235/\",\n + \ \"url_ui\": \"http://localhost:8080/finding/235\"\n },\n + \ {\n \"id\": 236,\n \"severity\": \"High\",\n \"title\": + \"2222Remote Code Execution - (Pg, < 2.11.2 || >= 3.0.0 < 3.6.4 || + \ >= 4.0.0 < 4.5.7 || >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 + || >= 6.1.0 < 6.1.6 || >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 + || >= 6.4.0 < 6.4.2 || >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2)\",\n + \ \"url_api\": \"http://localhost:8080/api/v2/findings/236/\",\n \"url_ui\": + \"http://localhost:8080/finding/236\"\n }\n ],\n \"reactivated\": + [],\n \"untouched\": []\n },\n \"product\": {\n \"id\": 2,\n + \ \"name\": \"Security How-to\",\n \"url_api\": \"http://localhost:8080/api/v2/products/2/\",\n + \ \"url_ui\": \"http://localhost:8080/product/2\"\n },\n \"product_type\": + {\n \"id\": 2,\n \"name\": \"ebooks\",\n \"url_api\": \"http://localhost:8080/api/v2/product_types/2/\",\n + \ \"url_ui\": \"http://localhost:8080/product/type/2\"\n },\n \"test\": + {\n \"id\": 90,\n \"title\": null,\n \"url_api\": \"http://localhost:8080/api/v2/tests/90/\",\n + \ \"url_ui\": \"http://localhost:8080/test/90\"\n },\n \"title\": + \"Created/Updated 5 findings for Security How-to: 1st Quarter Engagement: + NPM Audit Scan\",\n \"url_api\": \"http://localhost:8080/api/v2/tests/90/\",\n + \ \"url_ui\": \"http://localhost:8080/test/90\",\n \"user\": null\n }\n}\n" + headers: + Access-Control-Allow-Credentials: + - 'true' + Access-Control-Allow-Origin: + - '*' + Content-Type: + - application/json; charset=utf-8 + Date: + - Mon, 30 Dec 2024 17:14:38 GMT + Transfer-Encoding: + - chunked + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQX0vDMBTFv0te3br8abs2bzLBKTqFdi+KSJrcYjVNSpMOxth3N8Ghe1TfLvf8 + zj2He0CNcLAdNeLozfvB8cVCQQvSK/tuE+G1cK4TJjHg0Qypzg1a7P/BVzDuOgkK3Mca9LAC42H8 + 65GVNa2ewEj4nXMHo+usCTDBmCQ4wfNqc/lYrR/qH3Uz9U2YEH+O0AzP8EvIhEHbfR9a1vshpq20 + nVQwNVOn1ZcF8WCgy+VpeSV8BCmm6ZzQOSlrQjkjnLAEY3yBAxz8LvwBxrrrz1mGa1JwknJWJMsy + /2Zlf2NaG0CcZjhlNBesaYqsKElWEpVRJiUtQOVEQCtEmjdnAV7HhNtuFPGFQZ+0v7NSxPUB6dOE + wLxuK3Q8L/ZkTVSu72t0/AQAAP//AwDwqwPDIAIAAA== + headers: + Atl-Request-Id: + - 8ca3d81a-84bf-42ac-85e8-3af90a8d8ecd + Atl-Traceid: + - 8ca3d81a84bf42ac85e83af90a8d8ecd + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:38 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=151,atl-edge-internal;dur=14,atl-edge-upstream;dur=138,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 97cb89a8d2b2fe30fa6c9c0b672e7f90 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSY7MmU7HdZTEreu6suw8OB4PTK5IxCTAAqCOxvnv3SVF + KT6Y1u409gNx7YHdbz+sPjuwKrlMnMjRIBPQkLwVkCemJ3kBpmfiDAreUyVoboWSpgeJsAVY3osz + LlPIVdpbgDa4B8kUSg0GpN2cjStjVTEnhdeB7we+q+HPCoydrUs41Ty2Igan5wiyH4z291/jxEA+ + x2lmbWkiz0tgDrFN1CflcptzYwSXrgTroSXr8VJ4oSeMqcBrFdzCGuVPZpOzWT8YjUe4VLtgnOiz + Y9C3ysTcQqr0urlDgjOUCP1w2A/C/sCfBeMoGEaD0B0HwQ/ot09OkhGLjtdqXugkyXuozw+3195M + EjCxFiUFDlcPmCl4nvdYIowVMrasFBADU3O2VPrWJelYyXOdP9OLSgpKF8+v+YJbrr2FgKVXu7Vz + cLMV+INg/JMRf8GPBaa9KtAqwQJNzri5pVxVN5ZG0ZznBnpOI3iE96ple04mEDg6ztbHsAD01f/S + c6xAZJWIEieSFd7ReQCTgd+1EbQbpVaf8KovzMRGus5Dndk2DzT5Cj27655LYS0qMM7WNkH41/qs + UXO75JqAbERR5gIdTh6EBBNVw284Xg3Hz3T3Gylrb7JN2NCnCgiHq3D4/1ppYFGDFA0Ge6tg73sY + XLUWB+FqEH4Pixvkf/nyGI5hF04H7cZcrC4acsTsX14hGtJUQ4p8849FMGo38AIqrxpeeProXtfG + 646NsHNj3LWx/9idhjabVSKl+oVwon6AU27x4WgI9/n12dD5jsC9Rp2m6quHh6qiwAVEyh9oQcjU + iayuALOESu0FJpZqsHGu1kf6tYibOH5+tEa+orDJVJUnb4Qpc77e1DBlXgNelmjiqUdiuB+2j8TD + sHVRWbilsocbW1CVWigt7PqFQWzFvfql+fdvhSh4CsYjCdMqEbiQiTRzzSLdkeJ7XGnZM3Qe10e4 + LYOc3wDxH1XAw56gC7xBF0aDMUUk42ZSivhYyNu3tPMGSupfZNxmrc7lst7brkglJ9i+8JscpsBN + gwS9GTmnx+fvjk6uj48OJydnk+vJdPr7FO+HdWowJHhglgE7RaKXlpFdJgxTMl8zJA2Rk1JmFftF + aM5ONRTIGqwyiFr3KfIIsKAc/074fpkMIqd5FTF7GP5dVd1jC0xEKiTPHx7adF+b8Na4ztG7lnAw + s6mE7emqpLLtQvJoz2+R3DRKLwRfI7x9YO/3Ns/D4w5vP/P4FtvNFnKt8sbW4aaj+08Ot21hUzNo + JGz7AQlLqm6VK33SeHOTV9BPNbLErilS7I1qkq2KEhtiaZ8G/aiLFkZbWvhWxu+H86P8+v+ApVpV + JTWKb4VMkBgNw1phNwCSlZXJIKlRejQ9oO8NMCEXZIBgljD8KcDw0YIkImVZ6LJ3pO6jfFV/X0Xs + cqtWyIhJjJcV3Cod+e7IHdxR0DHmuYp5niljo7E/9r15I3Nd++YNRuMrlGaXZxBXxFHsvVr2reoQ + xrc5qfBtDq+Yxy4DY9kfFdcWNJvIFCuzwDh3iML2gBfU0ienv7GDCjmAncVcdkhRp+ft+1dNRO/u + 2Bk2r7WfOD68mNSfD82nTTRNNk89DWfCIh2QaA0sHKEiRozJ7tgl6uiHSAF97JLDoPaCgCoXiSux + 33dTtfAWVS4Ruhapxbt//opUDHx/KxcvwS2E1eAqnXpY35wwL7BnJV7w8Kib2SInuV2+cFJnjJSF + +DeFtMo5xvRvAAAA///sWW1v2jAQ/ivWpFaASApJCIWq6qhY1U5rNa3aPnRfMLED2UISJYTuw378 + nnNMeCmUjqpVJ00gILbPPp/vnvM9/KIaTu2jL6OAh+RKtzKdoVRjBqvclDPU2WE4PTnFNK7ZqG6x + pT75I8u2af0eku1M1slU6prMNtnFxT5bdufJdtHjlV2cp9vF2WmXF7eJtc0mCLi503Vryj7Uxmr9 + XLI+IhWNH4FizOrUGYC8xVZRYP4aN80SBtSzbb7aaWMLfYW8AMUfMaOcBK13yrEKPqqb9v/o7lkN + EYn27/gy9goOLAl/UlM8LzxXj6B2G+cpjHkRhBLwKQuDH46mJ9zzZDJVPxfutyTYX8B8DXBcqhED + /zVwmkF8xMUsyJAqJOXbNjKAT0aHG80vBnSkg8UKA4YrDCP9UZrrS0uq3UFrR+4gSnfItDvw6RQZ + OKuz+3HgjRluzqMRQDgHALKEY61oxDhDUeNBENciL+U+6THoqY0an3g0ygHHAzaWXEByxpFDzWK3 + 7NtCoWvgfSiXk8tq/7yk6i67JIZ8VmWCmPejezTvbq7OgJFjiKMRTq7Cvbv7YAjzu/RB/oVH2laG + WZJ8GAaePrTrQKVSfWZf1W2LLKwPo1CGAWZCdKR685C7miTcm5LMTcwC9cCQ+GaBkGLFnb4gpnAF + xdJ/4xRaNIkpb5KPV7iYBFGVVaq/J/Dhadwt/XYjaLw4YFh7AoZFgGE9EzD2yhoPAGPfvLV8vq8N + GO5/wHgFwHD+LcBwS9EdgPGQ8WiVRf96wbut5mk6yzXPNIXLKDqH6Jj1oSUpttbhlPTUWkdjm0Rj + G+/QKHmHuXm2DdzGlTVKZVbq9/UqTkXHmGqTokbM8smEUwH77tEKi0xObFSc7lnqEidxBo8lDu1K + nLabAMTGgd2T7rE7dB1uNHyrbTg+bxmdTrthCNcXsu0PHWlTWVxKYtlCtvtESUl+0xOCooZ05mkc + ivdLKqNqpgUeJczVoUgThbcaRjJz0tb2bWENpeBu+5hLm3eEz53OsTfkbsdzms0zcapmwV4PrAu8 + CzljwiNdJBpG0ZSZeWbcw2SGZVL1aRYRSzY1Es4zMinkVU7gYYafl+eGYyYRkRPr5Pvb13idvX/7 + Gq+z/29dY0CZKDhlzR5dKudn5yGPfsooGweJCi0qBAsiu0DDuzii0R/yNE7k0R3gyCPKVccg/QWF + 3jLSaRn9j9xm3snZhsHOEh39BwAA//9ClcA1x2ECL+eLoJXEaHE0CBMeoeIIAAAA//8ajC4eLY5o + 7WL6FUfopQa8rQdvGgGdng7JgtWgqXUo2wBoYX5JInTFALopOBt1OIsxnK09I+wFJa7JJwNczVtQ + qYBVwgDuZTQJY1w6jOHtx9S8ssyi/DxIGxEilFIKXa4C4RIVevm5EBOqYUxo7UBGaY200kYfZq6O + Um5iRVBqcWkOyGAku8FzM0UljiUQd5Tll1BvShhiGNxQoF0ZicVh+eCpLdisLWhSGjRhBLIS7hBU + 1xqhOBeqARw8tbW1AAAAAP//AwBczEFZHSUAAA== + headers: + Atl-Request-Id: + - 4192167c-e4b7-49e6-9e55-ba26460df8cb + Atl-Traceid: + - 4192167ce4b749e69e55ba26460df8cb + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:39 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=275,atl-edge-internal;dur=13,atl-edge-upstream;dur=263,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 91bf791ffbfaf4ae86600c8cbd9258e9 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0teXbubpN3avMkEp+gU2r0oImlzi9U0KU06GGP/3RSH7lF9u9zz + nXsO90Aq6XA7aCLIm/e9E/O5wgZrr+y7jaXX0rlWmtigJzOiWtdruf8HX+Cwa2tU6D7WqPsVGo/D + X4+srGn0iKbG3zl3OLjWmgBTABpDDFGxuXws1g/lj7oZuypMRDxP0Axm8BIysdd234WW5b6f0lba + jiqYqrHV6stCRDCw5fK0vJJ+AhmwJKIsonlJmeBUUB4DwAUEOPhd+AMOZdudsxxKmgmaCJ7HS+Df + bN3dmMYGEJIUEs4WkldVlmY5TXOqUsbrmmWoFlRiI2WyqM4CvJ4SbttBTi8M+qj9na3ltD4QfZoI + mtdtQY7nxZ6smZTr+5IcPwEAAP//AwDhjs6NIAIAAA== + headers: + Atl-Request-Id: + - 44e53aec-25aa-4ae2-bcd4-fe76445d7374 + Atl-Traceid: + - 44e53aec25aa4ae2bcd4fe76445d7374 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:39 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=163,atl-edge-internal;dur=19,atl-edge-upstream;dur=144,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - afa02db93ac1ccbed0c06cfcaac2bbab + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xX23LbNhD9FQwfU4k3SY7MmU7HdZTEreu6spI8OB4PTK5IxBTAAKAujfPv3SVF + KpbNTO1OYz8Qt71g9+zB6osD64LLxIkcDTIBDclrAXliepIvwPRMnMGC91QBmluhpOlBIuwCLO/F + GZcp5CrtLUEb3INkCoUGA9Juz8alsWoxJ4XXge8HvqvhcwnGzjYFnGseWxGD03ME2Q9Gh4cvcWIg + n+M0s7YwkeclMIfYJuqTcrnNuTGCS1eC9dCS9XghvNATxpTgNQpuYYPyZ7PJxawfjMYjXKpcME70 + xTHoW2libiFVelPfIcEZSoR+OOwHYX/gz4JxFAyjQeiOg+An9NsnJ8mIRccrNc90kuQ91OeH7bW3 + kwRMrEVBgcPVI2YWPM97LBHGChlbVgiIgak5Wyl965J0rOQ7nT/Ri1IKShfPr/mSW669pYCVV7m1 + c3C7FfiDYPyLEX/DzwtMe7lAqwQLNDnj5pZyVd5YGkVznhvoObXgCd6rku05mUDg6DjbnMIS0Ff/ + a8+xApFVIEqcSJZ4R2cPJgO/2Si0+oQ3embAt9JVuKsENuGmyTcg2d3qnRTWogLjtLYJqb9XZ42a + 2xXXhFcjFkUu0OFk7+aYjwplw/F6OH6iu9/JTHOTNi9Dn4AeDtfh8P+1Ume/wiIaDA7WwcGPMLhu + LA7C9SD8ERa3AP/69SEcgy6chl0bg2ZjLtbva3JEWFxeIUzSVEOKfPOgCPACKi/r8n9c66hr46Br + 42XHRti5Me7aOHzoZ02b9SqRUvVCOFE/wCm3+HDUhPv0wq3pfEfgXq1OU1lWw2NVUuACIuUPtCBk + 6kRWl4DpQ6X2PWacirN2rtJH+rWI6wB/ebBGvqKwyVSZJ6+EKXK+2RY3QUIDXpb447FHYngYNo/E + fthaKtvf6AJV2IKq0EJpYTfPDGIj7lUvzb9/K8SCp2A8kjCNEoELmUgz1yzTHVu+xZWGVkPnYeGE + bRnk/AaIGKkC9nuCLvAGXRgNxhSRjJtJIeJTIW9f084rKKh/kXGTtSqXq2qvXZFKTrB94Tc5TIGb + Ggl6O3LOT9+9OTm7Pj05npxdTK4n0+mfU7wf1qnBkOCBWQbsHF8AaRnZZcIwJfMNQzYROSllVrHf + hObsXMMC6YSVBlHrPsYqARaU498J3y+SQeTUryJmD8O/q6p7bIGJSIXk+f6hbfe1DW+F6xy9awgH + M5tKaE+XBZVtF5JHB36D5LpReib4auH25b3f2zwNjzu8/crjW2w3G8g1ymtbx9uO7j853LSFdc2g + kbBpFCSsqLpVrvRZ7c1NXkI/1cgSu6ZIsVeqTrZaFNgQS/s46EctLXwvsftCLWXcD+dH+e3/EUu1 + KgtqFF8LmSAxGoa1wm4AJCtKk0FSofRkekTfG2BCLskywSxh+FOA4aMFSUTKstBlb0jdR/mi+r6I + 2GWrVsiISYyXFdwqHfnuyB3cUdAx5rmKeZ4pY6OxP/a9eS1zXfnmDUbjK5RmlxcQl8RR7K1a9a3q + EMZHOynx0Q6vmMcuA2PZXyXXFjSbyBQrc4Fx7hCF9oAXVNJn53+woxI5gF3EXHZIUQvoHfpXdUTv + 7tgFNq+Vnzg+fj+pPh/qT5NommyfehrOhEU6INEKWDhCRYwYk92xS9TRD5EC+tglh0HlBQFVLhNX + Yr/vpmrpLctcInQtUot3//wVqRj4fisXr8BdCKvBVTr1sL45YV5gM0u84OFRN7OLnOR2+cJJlTFS + FuLfFNIy5xjTfwAAAP//7Fltb9owEP4r1qRWgEgKSQiFquqoWNVOazWt2j50XzCxgWwhifJC92E/ + fs85L7yUlI6qVSdNrYDYPvt8vnvO9+QX1XBqH0Ppu9wjV7qV0QKlGtNY7aacockOveTkFNPYeqte + Ycv85I8M06T1B0i2C9kkU6n7M9tmFxv77Ji9J9slH6/sYj3dLtZOu7y4TYwqmyDgCqfrN5R9qI01 + hqlkQ0QqGj8CxZjRazIAeYeto0DxN2vrJQyoZ1N/tdPGFoYKeQGKPwJGOQla75RjNXzUt+3/0d2z + BiIS7d/xpe0VHFgS/qSmeF54rh9B4zZIIxjzwvUk4FNmBj+cJifccWSYqJ9L91sRHC5hvgE4LtUI + gP85cOpucMTFwo2RQyTl2y4ywISMDjcqLgZ0pKPlCiOGKwwj/VGa55eWKHeHXDtyB1G6Q5y7A08S + ZOC4ye5nrjNjuDlPpwDhFADIQo61/CnjDEWNA0Fci5yIT0iP0UBtVPvE/WkKOB6xmeQCkguOHKpn + u2XflgpdA+89uZpc1vuLkqq/6pIY8lmVCaLoR/e06G6vz4CRM4ijEU6uwr2/+2AI8/v0Qf6FR9pW + jFnCdOy5Tn5o165KpfmZfVW3LbJwfhiZMgww46EjyjcPuat5yJ2EZG4C5qoHhsS3cIUUa+70BTGF + KyiW/hunyEXDgPIm+XiNi7nr11mt/nsOH06Cfum3W0HjxQHD2BMwDAIM45mAsVfWeAAY++at1fN9 + bcCw/wPGKwCG9W8Bhl2K7gCMh4xHpyz6NwveKiqkbVV1lIQXVUlJBF9SPA/xNBtDW1XcmFXyVpsS + VbxDq+QdCvNUDaziylrlmmv1+2Z5p6JjRrVJViPG6XzOqYB992iFRSYnNiqI9ix1iZM4g8cSh3Yl + TrttAGLrwBxI+9ge2xbXWhOjq1kT3tF6vW5LE/ZEyO5kbEmTyuJSEstmsv0nSkrym4EQFDWkM48C + T7xfURlVMy3wKJOuDkXqKLzVMJIp2FxzYgpjLAW3u8dcmrwnJtzqHTtjbvccq90+E6dqFuz1wLjA + fyanzbmfF4maljXFehpr9zCZZuhUfepZxJJNtZDzmEwKeZUTuBfj5+W5ZumhT+TEJiv/9jXepPXf + vsabrwXeusZALJFxyjl7dKmcn5173P8p/Xjmhiq0qBDMiOwM9O4Cn0Z/SKMglEd3gCOHKNc8Bund + FHrLSKdl8jdy23knqwqDrRU6+g8AAAD//0KVwDXHYQIv54uglcRocTQIEx6h4ggAAAD//xqMLh4t + jmjtYvoVR+ilBrytB28aAZ2eDsmC1aA5dyjbAGhhfkkidMUAuim4WnsGuIoxAyPs5SHORiCuVqwJ + rlkpA1ytWFBxgVXCGKcEvP2YmleWWZSfB2kjQoRSSqHLVSBcokIvPxdiQjWMCa0dyCitkVba6MPM + 1VHKTawISi0uzQEZjGQ3eG6mqMSxBOKOsvwS6k0JQwyDGwq0KyOxOCwfPLUFm7UFTUqDJoxAVsId + gupaIxTnQjWAg6e2thYAAAD//wMA9dwEEB0lAAA= + headers: + Atl-Request-Id: + - cdbffae6-fb4f-4e0c-a5bb-0aa041adcf20 + Atl-Traceid: + - cdbffae6fb4f4e0ca5bb0aa041adcf20 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:40 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=269,atl-edge-internal;dur=14,atl-edge-upstream;dur=255,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 6f204f3e534fde1214913f0c22d929e0 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 9d9b0250-1902-48a3-afa0-a9c29f65059e + Atl-Traceid: + - 9d9b0250190248a3afa0a9c29f65059e + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:40 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=326,atl-edge-internal;dur=20,atl-edge-upstream;dur=288,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - df682c09b2ac5779442bcc3c869a3826 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\nA + group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/358] + in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321] + | [300|https://cwe.mitre.org/data/definitions/300.html] | negotiator | 0.5.3 + | [2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/233] + | Inactive, Verified, Risk Accepted |\n| High | [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539] + | [400|https://cwe.mitre.org/data/definitions/400.html] | negotiator | 0.5.3 + | [Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232] + | Inactive, Verified, Risk Accepted |\n\n*Severity:* High\n\n *Due Date:* Jan. + 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/233]\n*Defect + Dojo link:* http://localhost:8080/finding/233 (233)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232]\n*Defect + Dojo link:* http://localhost:8080/finding/232 (232)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '3379' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 719e079e-76f2-41d0-8213-a326e15369b6 + Atl-Traceid: + - 719e079e76f241d08213a326e15369b6 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:41 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=524,atl-edge-internal;dur=15,atl-edge-upstream;dur=510,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 553c26703689b1379605fa8a65b6e6ce + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSYnMmU7HdZTEreu6spI8OB4PTK5IxCTAAKCOxv7v3eUh + xbaUqd1p7Afi2gO7335YfXVgVXKZOJGjQSagIXkjIE9MT/ICTM/EGRS8p0rQ3AolTQ8SYQuwvBdn + XKaQq7S3AG1wD5IplBoMSNuejStjVTEnhVeB7we+q+FLBcbO1iWcaR5bEYPTcwTZD0YHB69wYiCf + 4zSztjSR5yUwh9gm6rNyuc25MYJLV4L10JL1eCm80BPGVOB1Cm5gjfKns8n5rB+MxiNcql0wTvTV + MehbZWJuIVV63dwhwRlKhH447Adhf+DPgnEUDKNB6I6D4Cf02ycnyYhFx2s1z3SS5D3U54eba7eT + BEysRUmBw9VDZgqe5z2WCGOFjC0rBcTA1Jwtlb5xSTpW8r3On+hFJQWli+dXfMEt195CwNKr3do6 + 2G4F/iAY/2LE3/BzgWmvCrRKsECTM25uKFfVtaVRNOe5gZ7TCB7jvWrZnpMJBI6Os/UJLAB99e96 + jhWIrBJR4kSywjs6D2Ay8LuNUqvPeKNnBryVrsNdJ7ALN02+Acn2Vu+lsBYVGGdjm5D6e33WqLld + ck14NaIoc4EOJw9ujvmoUTYcr4bjJ7r7ncx0N9nkZegT0MPhKhz+v1aa7NdYRIPBy1Xw8kcYXHUW + B+FqEP4Iiy3A7+4ewzHYh9Ow25iL1YeGAzH7F5ePTw66kzxNNaTIN4+KAC+g8qop/93mRvs2Xu7b + eLVnI9y7Md63cfDYz4Y2m1UipfqFcKJ+gFNu8eFoCPfphdvQ+ZbAvUadprKsh0eqosAFRMofaUHI + 1ImsruCu5WnSpkXchPProzXyDI+aTFV58lqYMufrtpRxGd2yHxAzVN5tNDTgZYk/dj0Sw4OweyQe + hm1DZQ839oEq3ICq1EJpYdfPDGIn7tUvzb9/K0TBUzAeSZhOicCFTKSZaxbpli3f4UpHq6HzuHDC + Depzfg1EjDtKg/hkZyCCfRgNxhSRjJtJKeITIW/e0M5rKKl/kXGXxzq7y3pvsyKVnGD7wq9zmAI3 + DTZ0O3LOTt6/PT69Ojk+mpyeT64m0+mfU7wf1qnBkOCBWQbsDF8AaRnZZcIwJfM1QzYROSllVrHf + hObsTEOBdMIqg6h1d7FKgAXl+LfC98tkEDnNq4jZw/Bvq+oeW2AiUiF5/vBQ23214a2RnqN37Zwy + m0rYnK5KKtudSB767njod0huGqVngq8R3ry893ubp+Fxi7dfeXyD7WYHuU55Y+uo7ej+k8NdW9jU + DBoJu0ZBwpKqW+VKnzbeXOcV9FONvLFtihR7rZpkq6LEhlja3aAf7aOF0YYWvpfx++H8JL/9P2Sp + VlVJjeIbIRMkRsOwVtg1gGRlZTJIapQeTw/pew1MyAUZIJglDH8KMHzNIIlIWRa67C2p+yRf1N8X + EbvYqBUyYhLjZQW3Ske+O3IHtxR0jHmuYp5nytho7I99b97IXNW+eYPR+BKl2cU5xBVxFHunln2r + 9gjjo51U+GiHl8xjF4Gx7K+KawuaTWSKlVlgnPeIwuaAF9TSp2d/sMMKOYCdx1zukaIW0DvwL5uI + 3t6yc2xeaz9xfPRhUn8+Np8u0TRpewAazoRFOiDRGlg4QkWMGJPdsgvU0Q+RAvrYJYdB7QUBVS4S + V2K/76Zq4S2qXCJ0LVKLd//8JakY+P5GLl6CWwirwVU69bC+OWFeYDNLvODhUTezRU5y23zhpM4Y + KQvxbwpplXOM6T8AAAD//+xZbU/bMBD+KxbSUFs1IU3SlBYhBuoQTANNoO0D+1I3dtuMNImSpuzD + fvyec9z0hRa6IhCTJlDb2D77fH7uOd/lF+Vwah9dGQU8JCjdynSKVI0ZrHJdzlBn++Hk6BjTeKZV + 3WBLffIHtuPQ+pcRJX1TWSdjqRt0nd0E2T079X2ZEALXGcrDxptOe2tD6fHKUO72hnKfNdSrG8ne + 2khwyRksOzVlMGpjtW4uWRe+jMbP4Dlmt+sMVN9kyzwx+xs1zJIo1LNjvhkesIWu4mbQ5s+YUdSC + 1s/KsQo+quv2/+TuWQ0+i/Yf+DJ2ch8sCYCpKV7mwMtHULuN8xTGPA9CCYKVhcH3h5Mjrs5b/Zzj + cUGwOw8ENRB2qUaMCKGp1QziAy6mQYZgIikitxAjBmR0wGh2daAj7c1X6DFcchjpj+RdX2tSDQet + HcFBlHDINBz4ZIIYndXZwyjwRwy37eEQNJ2DIlnCsVY0ZJwh7fEhiIuTn/IB6dErgG184dEwB2H3 + 2EhyAckpR5Q1i92y73OFrhARQrkYfpb7Z9lYZxGSGPJVJRJi1o/u4ay7sTwDRo4gjkaAXPl/5/mD + oajQoQ/CFx5pWxlmSfJ+GPj60K4CFWz1mX1T9zGysD6MQhkG3gnRkerNQ+5ynIAWSOY6ZoF6YAiN + 00BIsQSnG/gULqlY+m9AoUWTmCIrYbzCxTiIqqxS/T0Ghidxp8TtWtJ4dcKwdyQMmwjDfiFh7BRG + HhHGroFs8XzfmjC8/4TxBoTh/luE4ZWizxDG45pIsywLrKbEm7KihrupoyyJUbo0SYElVQmi2s7K + ULcsYK10WJvKatamyoRVViZm5tk0cFM1zSqVUQ4wogRFp+uLGf9q3pfl4zGnFHfvyRyMTE71qjjd + MRmmqsUJEEtVtktx3GqAEK0Pzqn0Dr2+53LDGtgtwx3wptFutyxDeAMhW4O+Kx1KnEtJLFvIdraU + lISbUyHIa0hnnsah+LigMvJqWuDJWrs6FGkiNVfDSGZW73UGjrD7UnCvdcilw9tiwN32od/nXtt3 + G40TcaxmwV4/2Of4L+SMMY90GmkYRVNm5pnxAJMZtkn5qVl4LNnUSDjPyKSQVzGBhxl+XpwZrplE + VL5Yrdu/f41XC//vX+PVFwfvXWMwlijq0Lq+dKHAz85CHt3LKBsFiXItyguLUndBendxRKM/5Wmc + yIM70JFPRVntg/T2Cr2lp9My+p3d+sqUa+39AQAA///CXmSZ4BqwNoEPWKNLwMv5ImglMVocDbqE + BwAAAP//Gi2O6OPi0eIIV3GEXmrA23rwphDQ6emQLFgNmpWHsg2AFuaXJELXFKCbgrNRh7MYw9na + M8JeUOKanjLA1bwFlQpYJQxwNW+NcekwhrcfU/PKMovy8yANSIhQSil0QQuES1To5edCTKiGMaG1 + AxmlNdJaHH2YuTpKuYkVQanFpTkgg5HsBs/eFJU4lkDcUZZfQr1JY4hhcEOBdmUkFoflgye/YDO9 + oGlr0JQSyEq4Q1Bda4TiXKgGcPDU1tYCAAAA//8DAAx1jO0/JQAA + headers: + Atl-Request-Id: + - a1b01d83-32e0-4f6a-acfc-62f38e8c3ac1 + Atl-Traceid: + - a1b01d8332e04f6aacfc62f38e8c3ac1 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:41 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=256,atl-edge-internal;dur=13,atl-edge-upstream;dur=243,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 3d9fdc9adc5ef8cd9d146d7d0021e730 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"transition": {"id": 41}, "fields": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '40' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1585/transitions + response: + body: + string: '' + headers: + Atl-Request-Id: + - f6090579-d3a1-47e4-845b-0daa1da060ec + Atl-Traceid: + - f6090579d3a147e4845b0daa1da060ec + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - text/html;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:42 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=521,atl-edge-internal;dur=13,atl-edge-upstream;dur=509,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 1e16775b2750e8a744328dac2de8cdba + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0te3bqbtN26vMkEp+gU2r0oImlyi9U0KU06GGP/3QSH7lF9u9zz + nXsO90Bq4XA7aMLJm/e947OZwgalV/bdJsJr4VwrTGLQkwlRreu12P+DL3HYtRIVuo816n6FxuPw + 1yMraxo9opH4O+cOB9daE2AKQBNIYFpuLh/L9UP1o27Grg4T4c8RmsAEXkIm9truu9Cy2vcxbaXt + qIKpHlutviyEBwNbLE7LK+EjyIBlU8qmdFlRxlPKaZoAwAUEOPhd+AMOVdudsylUtOA04xlLcka/ + WdndmMYGELIcspTNRVrXRV4sab6kKmeplKxANacCGyGyeX0W4HVMuG0HEV8Y9FH7OytFXB+IPk0E + zeu2JMfzYk/WROX6viLHTwAAAP//AwAo3mwLIAIAAA== + headers: + Atl-Request-Id: + - b5ac5806-ed9a-4df2-a37d-172a4104c151 + Atl-Traceid: + - b5ac5806ed9a4df2a37d172a4104c151 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:42 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=156,atl-edge-internal;dur=16,atl-edge-upstream;dur=140,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 25cd54cc2c69e8f9e6fd4dede99112f0 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/pCF+SyDxTKfDQLijpZSGAB84JiPsja3DkXySHJIe/Peu/BYI + MS10esMMtiXti3affXbz3YJlRnlkBZYEHoGE6JhBGqkOp3NQHRUmMKcdkYGkmgmuOhAxPQdNO2FC + eQypiDsLkAr3IBpDJkEB19XZMFdazGdG4dR1HNfpSviWg9KTVQbnkoaahWB1LGbsu/3hcB8/FKQz + /Ey0zlRg2xHMINSR+Cq6VKdUKUZ5l4O20ZK2acZsz2ZK5WDXCu5hhfJnk9HFZNftD/q4VLigrOC7 + pdC3XIVUQyzkqrxDhF8o4Tleb9f1dn1n4g4Ctxf03O7+nvcT+u0YJ40RjY4Xaj7opJG3UZ/jNdeu + PiJQoWSZCRyuHhA1p2naIRFTmvFQk4xBCETMyIOQ910jHQp+KdN3epFzZtJF0yldUE2lvWDwYBdu + rR2stlzHdwe/KPYX/DzHtOdztGpggSYnVN2bXOV32rwFM5oq6Fil4Aneq5DtWAlD4MgwWZ3CAtBX + 56ljaYbIyhAlVsBzvKO1ARPfqTcyKb7ijT4Y8Eq6CHeRwDrc5uMZSNa3uuRMa1SgrMa2QepvxVkl + ZvqBSoNXxeZZytDhaOPmmI8CZb3Bsjd4p7tvZKa+SZOXnmOA7vWWXu//tVJmv8AiGnT3lu7ejzC4 + rC363tL3foTFCuBPT6/h6Lbh1Gvb8OuNGVteleSIsLi5RZjEsYQY+eYfi6Bfb+DNRJqXvPChOlgr + 2F4KL5nnGumFJFSROwBOQoFIBw0REZzohClSsIThn6pmjpD4rS1R22u72H7Lhte6MWjbGL6O0Vtc + 7g9rLjccWjQ0K9h18ZNq7HNlf3h/fMvus+43dqlOGhYpXg9FbvLsmh5ybRYYj61AyxyeqrZitEkW + 1kneXDOe4VGViDyNjpjKUrqqmAeX0S19hRA3bFTFSQKGweT4VRx8r9sbNj1tM6AN825utNWA19RA + JpmQTK8+GMRa3C4a479vbWxOY1C2kVC1EoYLCYuTrlrEa6B+xpUa+t4WxHp+XRPTnWBn6hb/h94+ + fj7umAOO92zDRC+ld2D43hT25qjTBn+3DeXuwEQOC2+UsfCU8ftjs3MEmRnLeFjnu0DBQ7HXrHDB + RziV0bsUxkBViSFZvVnnp5efTs6mpyeHo7OL0XQ0Hv8xRueRfhSGDg9MEiDn2Ni4JsYuVjgWe7oi + SJIsNUqJFuRXJik5lzBHliS5QnR3t5GliyVpOY/McbLID6yy2WOWMU2mLsubvyBBTFjMOE03D1VD + ZRXeoiJS9K7mUURAzKE5nWem8Lci/uUUV85/HwRpKdzMby+J83243SDQjWGwNHRYTan/ydt61LX9 + yohfDz9RaTgUqZBnpS+YF+AbrhVZxjaA71xvR3u/jTf6DW+8leqXcfzCn/8dkFiKPDOD7zHjETKn + WnenLFcJtiYDz5PxgXneAWF8YQwYfEUEf9oQbMIQBUZZ4nXJJ6PuC98pnjsBuWnUMh4QjrHSjGoh + A6fb7/qPJuAY71SENE2E0sHAGTj2rJSZFr7Zfn9wi9Lk5gLC3JAY+SwedrVoEcYhJMpxCPFuiU1u + XKXJnzmVGiQZ8RhLco5xbhGF5oDtFtJn57+TgxyLn1yElLdImZHWHjq3ZUQfH8kFDuOFn/h+eDUq + HtflQ8z/BgAA///sWW1P2zAQ/ivWJFBbNWmapCktQoypQmMaaIJtX9CkurGbRqRJlZeyD/z4Pee8 + 9AVKuyIQk1aqksQ++3z3+DnfJXc03RRHF7r87qfgARJVoMIVBmJEqeyB3WIMzcTe13DqN9tKCwJp + OBd6iPxF96J5a54FIWCbglNaq/1/0RCWYVRy7r3Up34aSz2KvRY2Nie8+zicEyG00FWfpNOA5Bb+ + wo3yGA1m4nMtvSzgsOlvyknVOgYy9HlAULqR8RypJ9NY7aoaockOg/T4BMM4ulHfYMvC8y3Tsmj+ + i5CS2LlskrFURtBk135yx85cV84IgU8ZysHCO1ZvZ0MV/ZWh7N0NZW811KsbydzZSNiSJSz7DWUw + esYag0yyAfYyHn4BxzGz12Tg+A5b5Ynyb9LWK6JQ95b+ZnjAEgaKl9kAxMwoXEHrrXKshp/6U+t/ + dvWsgT2L57f4p+21fTAlAKaGeNkGXnVB4ybKYhjz3A8kCFbmBj/00mOu/K0uF3hcEhwsAkEDhF2p + ESFCFNSq+1GLi7mfIJhICsVdxIgxGR0wKs8M5NLhYoYhw+mGkf4yLs8zcQGHQjuCg6jgkBRw4GnK + 3bukye4nvjthOI57Hmg6A0WyGcdcocc4QxrnQhAnJjfmY9JjmANb+8pDLwNhD9lEcgHJOQ+QPOWr + ZT8XCl0iIgRyOfystpdJZH8ZkujyTWUaomxHs1c2t1dHQM8JxPEQIFf7v7/dMRQV+vRD+MItLSvB + KLNsFPhu4bRLXwXbwmc/1EGMLFw4I1eGgXcCNMTF4iF3MZ2BFkjmKmK+umEIjXNfSLECp2vsKZxO + MfXfgKIQnUUUWQnjNS6mflhntfrDFBhOo36F2ydJ49UJw9yTMEwiDPOFhLFXGHlEGPsGsmX/vjVh + OP8J4w0Iw/63CMOpRLcQxuOiSaeq9q3nwpuyora9nBWlMSCjKkJU41nvWpUB1xrsqva11mBskjA2 + lSSMqiRRmmdTx02FOKNSZiW1X8/z1O6YUPaSZ5FJNp1ySm8/PJuDkcmpoBXFeybCVK44BWKpDHch + TrptEKJxYJ1J58gZOTbXjLHZ1ewx72i9XtfQhDMWsjse2dKiZLySxLS5bH9HSUm4OROCdg3pzOMo + EB+XVEZeTRM8++5AOUXqXpx3I5myfm2NLWGOpOBO94hLi/fEmNu9I3fEnZ5rt9un4kSNgrUemOf4 + 5nLalIdFGqlp+aNEzxLtHibTTJ3yUz3fsWRTbcZ5QiaFvIoJPEhw+fmTZuuzkAps6+8h3r/G6y8y + 3r/G6y9CXk/jPwAAAP//oo6LgUVZCmSgGjq05AFO/ApOOYl52al5xRmZBeCsBeoXQsbCIaVhFGjI + yUrJtbQovyBVPwpYHCWDRm2heRA0GweUhed0kDXQOUjsI1MmuMpgE1wj2ia4ZnVM4OV8EbSSGAbF + EQAAAP//Gi2OBoOLR4sjWruYfsUReqkBb+vBm0ZAp6dDsmA1aJUBlG0AtDC/JBG6RgLdFJyNOpzF + GM7WnhH2ghLXvJQBruYtqFTAKmEA9zKahDEuHcbw9mNqXllmUX4epI0IEUophS7QgXCJCr38XIgJ + 1TAmtHYgo7RGWlukDzNXRyk3sSIotbg0B2Qwkt3gmZuiEscSiDvK8kuoN6sMMQxuKNCujMTisHzw + rBdsKhg0r52TD+pKIDkE1bVGKM6FagAHT21tLQAAAP//AwAFNZ+HDyYAAA== + headers: + Atl-Request-Id: + - 66411ef1-53f3-4b01-b82a-391c6f594660 + Atl-Traceid: + - 66411ef153f34b01b82a391c6f594660 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:42 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=303,atl-edge-internal;dur=14,atl-edge-upstream;dur=289,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 0409d2da8377b9cd3d5c40555da28354 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 41ded392-d26b-47ee-ba8a-80754af6e1b5 + Atl-Traceid: + - 41ded392d26b47eeba8a80754af6e1b5 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:43 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=298,atl-edge-internal;dur=13,atl-edge-upstream;dur=286,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 10525d059506a4ca8e129cd0d74cc199 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\nA + group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/358] + in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321] + | [300|https://cwe.mitre.org/data/definitions/300.html] | negotiator | 0.5.3 + | [2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/233] + | Inactive, Verified, Risk Accepted |\n| High | [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539] + | [400|https://cwe.mitre.org/data/definitions/400.html] | negotiator | 0.5.3 + | [Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232] + | Inactive, Verified, Risk Accepted |\n\n*Severity:* High\n\n *Due Date:* Jan. + 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Regular Expression Denial + of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/233]\n*Defect + Dojo link:* http://localhost:8080/finding/233 (233)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232]\n*Defect + Dojo link:* http://localhost:8080/finding/232 (232)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '3379' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 9a5ace92-2904-49c8-93f0-9edbfc562563 + Atl-Traceid: + - 9a5ace92290449c893f09edbfc562563 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:43 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=263,atl-edge-internal;dur=12,atl-edge-upstream;dur=251,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 126927b3cdee0003fae54352fbaf97a1 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/pCF+SyDxTKfDQO6OllIaAnzgmIywN7YOW3IlOSQ9+O9d+Q0I + MVPo9IYZbEvaF+0+++zmuwWrnPLICiwJPAIJ0ScGaaR6nGageipMIKM9kYOkmgmuehAxnYGmvTCh + PIZUxL0lSIV7EE0hl6CA6/psWCgtsoVROHcdx3X6Ev4qQOnZOoczSUPNQrB6FjP23eF4vI8fCtIF + fiZa5yqw7QgWEOpIfBN9qlOqFKO8z0HbaEnbNGe2ZzOlCrAbBXewRvnT2eR8tusOR0NcKl1QVvDd + UuhboUKqIRZyXd0hwi+U8BxvsOt6u74zc0eBOwgGbn9/z/sJ/XaMk8aIRsdLNR900sjbqM/x2mvX + HxGoULLcBA5XD4jKaJr2SMSUZjzUJGcQAhELci/kXd9Ih4JfyPSdXhScmXTRdE6XVFNpLxnc26Vb + Tw7WW67ju6NfFPsbfs4w7UWGVg0s0OSMqjuTq+JWm7dgQVMFPasSPMZ7lbI9K2EIHBkm6xNYAvrq + PPYszRBZOaLECniBd7Q2YOI7zUYuxTe80QcDXkuX4S4T2ITbfDwDydOtLjjTGhUoq7VtkPpbeVaJ + hb6n0uBVsSxPGTocbdwc81GibDBaDUbvdPeNzDQ3afMycAzQvcHKG/y/Vqrsl1hEg+7eyt37EQZX + jUXfW/nej7BYA/zx8TUc3S6cel0bfrOxYKvLihwRFtc3CJM4lhAj37wqAryASIuq/D8E9ycF2xH/ + kmCukEVIQhW5BeAkFAho0BARwYlOmCIlGRiaqUvjCPnd2hKcYVcM9ro29js2vM6NUdfG+HXw3uJy + f9xwueHQsqFZwa6Ln1Rjn6v6w/sDX3Wfp35jV+qkYZHy9VAUJs+u6SFXZoHx2Aq0LOCxbitGm2Rh + k/3NNeMZHlWJKNLoiKk8peuaeXAZ3dKXCHHDRnWcJGAYTPJfxcH3+oNx29M2A9oy7+ZGVw14bQ3k + kgnJ9PqDQWzE7bIx/vvWxjIag7KNhGqUMFxIWJz01TJ+QvAXXGlqwtsCZc9vimW+E+zM3fL/2NvH + z4cdc8Dxnm2Y6KX0Fgzfm8LeHHW64O92odwdmchhRU5yFp4wfvfJ7BxBbsYyHjb5LlFwX+61K1zw + CU5l9DaFKVBVYUjWb9bZycXn49P5yfHh5PR8Mp9Mp39M0XmkH4WhwwOzBMgZNjauibGLpY8skK4J + kiRLjVKiBfmVSUrOJGTIkqRQiO7+NrJ0sSQt54E5Th75gVU1e8wypsnUZXXzFySICYsZp+nmoXqo + rMNbVkSK3jU8igiIObSni9wU/lbEv5ziqvnvgyCthNv57SWjvg+3G8y6MQxWhg7rKfU/eduMurZf + G/Gb4SeqDIciFfK08gXzAnzDtTLL2B/wnevtaB+2vPFWRjeFWk55Gcev/PnfAYmlKHIz+H5iPELm + VE9tKy9Ugj3LwPN4emCet0AYXxrLBl8RwZ82BJswRIFRlnh98tmo+8p3yudOQK5btYwHhGOsNKNa + yMDpD/v+gwk4xjsVIU0ToXQwckaOvahk5qVvtj8c3aA0uT6HsDAkRr6I+10tOoRxCIkKHEK8G2KT + a1dp8mdBpQZJJjzGkswwzh2i0B6w3VL69Ox3clBg8ZPzkPIOKTPS2mPnporowwM5x2G89BPfDy8n + 5eOqeojsHwAAAP//7FltT9swEP4r1iRQWzVpmqQpLUKMqUJjGmiCbV/QpLqxm0akSZWXsg/8+D3n + vPQFSrsiEJNWqpLEPvt89/g53yV3NN0URxe6/O6n4AESVaDCFQZiRKnsgd1iDM3E3tdw6jfbSgsC + aTgXeoj8RfeieWueBSFgm4JTWqv9f9EQlmFUcu691Kd+Gks9ir0WNjYnvPs4nBMhtNBVn6TTgOQW + /sKN8hgNZuJzLb0s4LDpb8pJ1ToGMvR5QFC6kfEcqSfTWO2qGqHJDoP0+ATDOLpR32DLwvMt07Jo + /ouQkti5bJKxVEbQZNd+csfOXFfOCIFPGcrBwjtWb2dDFf2VoezdDWVvNdSrG8nc2UjYkiUs+w1l + MHrGGoNMsgH2Mh5+Accxs9dk4PgOW+WJ8m/S1iuiUPeW/mZ4wBIGipfZAMTMKFxB661yrIaf+lPr + f3b1rIE9i+e3+KfttX0wJQCmhnjZBl51QeMmymIY89wPJAhW5gY/9NJjrvytLhd4XBIcLAJBA4Rd + qREhQhTUqvtRi4u5nyDKSArFXcSIMRkdMCrPDOTS4WKGIcPphpH+Mi7PM3EBh0I7goOo4JAUcOBp + yt27pMnuJ747YTiOex5oOgNFshnHXKHHOEMa50IQJyY35mPSY5gDW/vKQy8DYQ/ZRHIByTkPkFXl + q2U/FwpdIiIEcjn8rLaXSWR/GZLo8k1lGqJsR7NXNrdXR0DPCcTxECBX+7+/3TEUFfr0Q/jCLS0r + wSizbBT4buG0S18F28JnP9RBjCxcOCNXhoF3AjTExeIhdzGdgRZI5ipivrphCI1zX0ixAqdr7Cmc + TjH134CiEJ1FFFkJ4zUupn5YZ7X6wxQYTqN+hdsnSePVCcPckzBMIgzzhYSxVxh5RBj7BrJl/741 + YTj/CeMNCMP+twjDqUS3EMbjokmnqvat58Kbqilte1NDVU2jPCqNgSVVKqLiz1pXY1Phza6KYusS + m0oSRlWSKM2zqeOmQpxRzbmS2q8ngGp3TCh7ybPIJJtOOaW3H57NwcjkVNCK4j0TYSpXnAKxVIa7 + ECfdNgjROLDOpHPkjByba8bY7Gr2mHe0Xq9raMIZC9kdj2xpUTJeSWLaXLa/o6Qk3JwJQbuGdOZx + FIiPSyojr6YJnn13oJwidS/Ou5FMWb+2xpYwR1Jwp3vEpcV7Yszt3pE74k7PtdvtU3GiRsFaD8xz + fHM5bcrDIo3UtPxRomeJdg+TaaZO+ame71iyqTbjPCGTQl7FBB4kuPz8SbP1WUgFtvX3EO9f4/UX + Ge9f4/UXIa+n8R8AAAD//6KOi4ElVgpkoBo6tOQBTvwKTjmJedmpecUZmQXgrAXqF0LGwiGFXhRo + yMlKybW0KL8gVT8KWBwlg0ZtoXkQNBsHlIXndJA10DlI7CNTJrjKYBNcI9omuGZ1TODlfBG0khgG + xREAAAD//xotjgaDi0eLI1q7mH7FEXqpAW/rwZtGQKenQ7JgNWiVAZRtALQwvyQRukYC3RRcrT0D + XMWYgRH28hBnIxBXK9YE14SVAa5WLKi4wCphjFMC3n5MzSvLLMrPg7QRIUIppdAFOhAuUaGXnwsx + oRrGhNYOZJTWSGuL9GHm6ijlJlYEpRaX5oAMRrIbPHNTVOJYAnFHWX4J9WaVIYbBDQXalZFYHJYP + nvWCTQWD5rVz8kE9BiSHoLrWCMW5UA3g4KmtrQUAAAD//wMAzRuEcA8mAAA= + headers: + Atl-Request-Id: + - 6da0074d-7215-4b0a-bcfc-62252d20dc75 + Atl-Traceid: + - 6da0074d72154b0abcfc62252d20dc75 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:44 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=244,atl-edge-internal;dur=13,atl-edge-upstream;dur=231,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 12478648e1d68887c9a00708877ca4c8 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0teXbskTbsubzLBKTqFdi+KSJrcYjVNSpMOxth/N8Ghe1TfLvd8 + 557DPaBGONiOGnH05v3g+HyuoAXplX23qfBaONcJkxrwaIZU5wYt9v/gKxh3nQQF7mMNeliB8TD+ + 9cjKmlZPYCT8zrmD0XXWBJhgTFKc4qTaXD5W64f6R91MfRMmxJ8jNMMz/BIyYdB234eW9X6IaStt + JxVMzdRp9WVBPBjoYnFaXgkfQYopSwhNyLImlGeEkyzFGF/gAAe/C3+Ase76czbDNSk5YZyxNCfF + Nyv7G9PaAGKWY5bRQmRNU+blkuRLonKaSUlLUAUR0ArBiuYswOuYcNuNIr4w6JP2d1aKuD4gfZoQ + mNdthY7nxZ6sicr1fY2OnwAAAP//AwA1PnHcIAIAAA== + headers: + Atl-Request-Id: + - 0c64ba81-a893-428d-a03a-8da3f30eb7f1 + Atl-Traceid: + - 0c64ba81a893428da03a8da3f30eb7f1 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:44 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=161,atl-edge-internal;dur=13,atl-edge-upstream;dur=148,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 239a1b811565e786b52148c893e582e2 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+dVKJl45InOl0XEdJnLquKyvJg+PxQOSKREwCLADqaJz/3l1S + lGI7Smt3GnvGxLUHdr/9sP7kwLrkMnEiR4NMQEPyUkCemI7kBZiOiTMoeEeVoLkVSpoOJMIWYHkn + zrhMIVdpZwna4B4kUyg1GJB2ezaujFXFghReB74f+K6GPyswdrYp4Vzz2IoYnI4jyH4wGI9HODGQ + L3CaWVuayPMSWEBsE/VRudzm3BjBpSvBemjJerwUXugJYyrwWgU3sEH5s9nkYtYNBqMhLtUuGCf6 + 5Bj0rTIxt5AqvWnukOAMJUI/7HeDsNvzZ8EoCvpRb+D6o+BH9NsnJ8mIRcdrNU90kuQ91OeHu2tv + JwmYWIuSAoerR8wUPM87LBHGChlbVgqIgakFWyl945J0rORbnT/Si0oKShfPr/mSW669pYCVV7u1 + d3C7Ffi9YPSzEX/BTwWmvSrQKsECTc64uaFcVXNLo2jBcwMdpxE8wXvVsh0nEwgcHWebU1gC+up/ + 7jhWILJKRIkTyQrv6NyDSc8/tBG0G6VWH/GqT8zEVrrOQ53ZNg80+QI9++u+lcJaVGCcnW2C8K/1 + WaMWdsU1AdmIoswFOpzcCwkmqoZff7Tujx7p7jdS1t5kl7C+/xzdCPvrsP//WmlgUYMUDQbDdTD8 + HgbXrcVeuO6F38PiFvmfPz+EY3gIp712YyHW7xpyxOxfXiEa0lRDinzzj0UwaDfwAiqvGl74+tHh + oY3nBzbCgxujQxvjh+40tNmsEinVL4QTdQOccosPR0O4j6/Phs73BO416jRVXz08VhUFLiBSfk8L + QqZOZHUFmCVUat9hYqkGG+dqfaRfi7iJ46cHa+QrCptMVXnyQpgy55ttDVPmNeBliSYePhJ99/n+ + kbgftkNUFu6o7P7GDlSlFkoLu3liEFtxr35p/v1bIQqegvFIwrRKBC5kIs1cs0z3pPgaV1r2DJ2H + 9RHuyiDncyD+owq43xMcAm9wCKPBiCKScTMpRXwq5M1L2nkBJfUvMm6zVudyVe/tVqSSE2xf+DyH + KXDTIEFvR8756dtXJ2fXpyfHk7OLyfVkOv19ivfDOjUYEjwwy4CdI9FLy8guE4YpmW8YkobISSmz + ir0RmrNzDQWyBqsMotb9GnkEWFCOfyt8v0zmkdO8ipg9DP++qu6wBSYiFZLn9w9tu69teGtc5+hd + SziY2VTC7nRVUtkeQvJoOGyR3DRKTwRfI7x7YO/2No/D4x5vv/D4BtvNFnKt8sbW8baj+08Ot21h + UzNoJGz7AQkrqm6VK33WeDPPK+imGlli3xQp9kI1yVZFiQ2xtF8H/eAQLQx2tPCtjN8N5wf55e8R + S7WqSmoUXwqZIDEahrXC5gCSlZXJIKlRejI9ou8cmJBLMkAwSxj+K8Dw0YIkImVZ6LJXpO6DfFZ/ + n0XscqdWyIiVaTRwA9e/pWBjrHMV8zxTxkYjf+R7i+bsde2T1xuMr1CKXV5AXBE3sddq1bXqgDC+ + yUmFb3J4xTx2GRjL/qi4tqDZRKZYkQXG94Ao7A54QS19dv4bO6qw9tlFzOUBKerwvLF/1UTy9pZd + YNNa+4nj43eT+vO++bQJpsn2iafhTFikARKtAYUjVMSIKdktu0Qd3RBLvxsM/VFYe0EAlcvEldjn + u6laessqlwhZi5Ti3T1/RSrG/Z1YvAK3EFaDq3TqYVlzgrrAVpXowBv33cwWOUmVKf6p80QqQvyZ + QqEs4DUSYJM1poNkWJf9cJ7+DQAA///sWN9v2zYQ/lcOCBDImkPPsmxjDvwQJH3YsBbD0u5lHmBF + ZmJtsuToR5qi6/++70iKomKrRZM9Jgkc+Y5HHr873n3UkE7T6pwCMR6LgOj0rjpf0kT8CGOlmIiZ + CKlRhK0iFFMxb+TTVj4VmKuRz1o5P05bOXtn5GMxa+VBKw/c8ZNWPhGTVh628rDdwLxdlx8duV2X + H4NBT26YTB4FkxkjegHS8CCHHHpF9+lYnOffGWcz/v+K82uMnx3jsC/GKIRNUVj4Kt4sI/+qlnSF + CgrhL+guFPw0JDTYKXWrc/O7HQtbntX3iXg9ly+M2Qx1279SvR5t+O+cmAUhHt+0Iw8fg2OR/Wpc + yUcvgPxP/Dt7xnHFgjj3aoKXtYVuavnXeV3EEumVSp8b9Bn66C4pJeO6v3MGXrU0wke7t8si90rT + oEWSj6LNQ1KCiuAOMA0CMIxbhhjHoSGezDXW+7s1gdTBv4wiKnQax5zG0qYx70EW0U2Sck+ttlFF + eYyFSvq4BTupQK+NIaN2E5WS8oLucU/7RLgrx3wKS8weF9EtOwA6Vu8yYvYl1EEDQS8kgaFT9TFv + TGIqY5lFuMkwZcFSSbwlEAGw9zT5R4K/32KVCG7v92kSq1eXhho1DqcS+ODI8gXAHaW3Bp/qrIxu + USqY75+VNQ+Bf+V9apYzyJS0i2Cc5GAGjvOlWGXB4ewwyoB0yc7APVx5C7BFzGvRYbZmfYgMUoWs + 6iJDbuOprNOK0XV8wLijTggG8OQEV5cc8cTfZZ7Fcl+tsvV6vcr4OljRZ7rEzsB6vtCS+F1uUkjv + 9OQxmCO19P9BMzbWI5cE7mzMPFaqJ2E2x5LGgOFa0vr6za9vLt/TmC6u6fS+zqvzFX705CNfS3AI + j6n90Qrn8gfeapmnUuC24CH7Y9zghMweBn+xN6DQMMlGI229Vg5opxSAHvwYkieLYsgIDmjJJ4c+ + Y2azJ8y1Yce/DAw49IdNFHoL0op8IT5qrrx5D7TolHEwxZ5CDk1fKbdGB8Xcag7KuaN5UtAdzZOS + 7mieFHVH86SsW81BYXc03dIOnH5TL3g2DUgLM9KAZFDBfA5cjJHBhBdy4WKMDChG1cDFGFlQHE3T + 8hpUOioGyaLS0TBIFpWOhkGyqHQ0DJJFxdFokCwqHY0GyUkm4LVFJnFKnmnCtzgs9HxXWfAHuhO+ + XcR8DpCY9Q2Ov+kBbxN18zMtwLdXmUA8iscFfVBvC7gAmWLfhAQVM4WmEK7RpM9IR+uoTdhno8N4 + 1GbaZ6MDfNRm1mejI2JtyKN33IFUd7IdTiXBUEd8qMquDjG3migtc9rrBBbEPMIuOu9bVIX064ua + hECXOljAxO7n3T6KK47bu5wS9YWQAg/JRm7aNo+Bv4MUFRLVvPyePm9M9zlfuZmmeNFml2QD8gb/ + 7kBDqnxhqcdRPvvKZZ0D7Ba8b3PZ8JlcNmQuG76My/4HAAD//6JKW5bcri9yuqV1W9ZwtC1bAAAA + AP//7Jpda8IwFIb/yhh4mS5tY2sH4hQ23F/w7jRJ59B+0A/295fT1GAzs41dFVbwQkyOPR6bty+8 + z+xlZy87e1mHrI+82UjYR97sWtpnL3uZ1+xlZy87DS/rm9IfvOzX/H5pImw7vnUleD67TvDaGvip + hxMQLrC3GsTDWmAGtrAWqKuCulJ0alL0y3hcG13kBzXNjNJoO5OEtgV+xMRNJ55Nl+eAcez9zbwQ + R41MRVn/MbBFd7IBzpEEeRXr2FdOli7CrYxWURoxIDQLYsIyWJIkiSkRUSZknKVMhhjumkp1WV37 + +MtKiffLVgjVS4M9Q12exdNVy7xETu577Kv/M6T3VuttWHNBj8IsFEEqBUTxCmQIiciAJSueQpRw + 5vsbse6/Rf3WRfCiXrqO5FAMkSch+qPG6xryoUZGAg+zVE+rJc6UVAANjlTV925enUv1dr8jzKsK + jNhthGz6HdsM2vQ7thm2qXesJExoMmpgIPb9zX+3O0NxkkVzfK/6o4WxmcaxtAoeygJ3P3d1WcmH + g5IhjuDQcAYRpFSr5qTjZQau9DY9wVzay1xQFXOReszoez08HP6vHH0CAAD//xrECW+0OKKHi0eL + I1zFEXqpAW/jwZtEQKenQ7JgNWiBOJRtALQwvyQRuu4d3RScjTmcxRjOVp4R9oIS1xJKA1zNWlCp + gFXCAO5lNAljXDqM4e3G1LyyzKL8PEjbECKUUgrddAHhEhV6+bkQE6phTGjtQEZpjbRfRB9mro5S + bmJFEGSUCcVu8ArDohLHEog7yoCdG3KXRWIsbIYYBjcUaFdGYnFYPniBJmztMWhpNWjZI8hKuENQ + XWuE4lyoBnDw1NbWAgAAAP//AwCO49xa4zMAAA== + headers: + Atl-Request-Id: + - 57c4eab3-8435-4db0-aa35-378e5e3e7129 + Atl-Traceid: + - 57c4eab384354db0aa35378e5e3e7129 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:44 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=266,atl-edge-internal;dur=17,atl-edge-upstream;dur=254,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 30e772099d6fb3d4cb4805201ef115fb + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 84de3dfd-f2a0-456e-b62b-b838547ab5a1 + Atl-Traceid: + - 84de3dfdf2a0456eb62bb838547ab5a1 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:45 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=239,atl-edge-internal;dur=14,atl-edge-upstream;dur=225,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 305e27bba95c34e5249ed4a944255b0a + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: pg:5.1.0", "description": "\n\n\n\n\n\n\nA group of + Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: pg:5.1.0|http://localhost:8080/finding_group/359] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [2222Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236] | Inactive, + Verified, Risk Accepted |\n| High | [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/234] | Inactive, + Verified, Risk Accepted |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 + \n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Remote Code Execution - (Pg, + < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < + 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= + 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 + < 7.1.2)|http://localhost:8080/finding/236]\n*Defect Dojo link:* http://localhost:8080/finding/236 + (236)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, + < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < + 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= + 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 + < 7.1.2)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/521\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '7161' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 6dec3db8-17f2-43bf-9896-8ad397bd7f53 + Atl-Traceid: + - 6dec3db817f243bf98968ad397bd7f53 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:45 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=464,atl-edge-internal;dur=14,atl-edge-upstream;dur=451,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 840d2e4cf8388149bfc2996debaeb132 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWW/bRhD+Kws+FanES5IjESgK11ESt67rykry4BjGihxRG5O77O5SR+P8986Q + IhVbVlC7aGzA3Gvubw5/dmBdcJk4kaNBJqAheS0gS0xH8hxMx8QLyHlHFaC5FUqaDiTC5mB5J15w + mUKm0s4StME7SCZQaDAg7fZtXBqr8jkxvAl8P/BdDX+VYOx0U8CF5rEVMTgdR5D8YDAaDXFjIJvj + dmFtYSLPS2AOsU3UJ+Vym3FjBJeuBOuhJOvxQnihJ4wpwWsY3MIG6c+n48tpNxgMj/CoUsE40WfH + oG6libmFVOlNbUOCO6QI/bDfDcJuz58GwyjoR72B6w+DH1Fvn5QkIRYVr9g8U0mi95CfH7ZmbzcJ + mFiLghyHp8fM5DzLOiwRxgoZW1YIiIGpOVspfesSdazkO509UYtSCgoXz274kluuvaWAlVeptVNw + exX4vWD4sxF/w085hr3MUSrBAkVOubmlWJUzS6tozjMDHacmPEW7KtqOsxAIHB0vNmewBNTV/9Jx + rEBkFYgSJ5Il2ug8gEnPby4KrT6hRc90+Ja6cncVwMbdtPkKJDur3klhLTIwTiubkPpb9daouV1x + TXg1Ii8ygQonDyzHeFQo6w/X/eET1f1GZBpL2rj0/ZeoRthfh/3/V0od/QqLKDA4WgdH30PgupHY + C9e98HtI3AL8y5d9OAaHcBo2F3Oxfl/XQIz+1fX+y17zkqephhTrzV4SoAEqK+v0f1zc4NDF0aGL + lwcuwoMXw0MXo30967JZn1JRqjqEE3WDba2kkGgR1yZ93jujREFvm4Uqs+SVMEXGN9t0wmOMrX2P + caMU24rgFptRXcSfXgzqFrFrCl7NTlOqV8sTVVIwKuU/0IGQqRNZXZI2sQY0lurHfpPouy93TeKh + 29pS9vDiEKjCFlSFFkoLu3mmwQ25V3Waf98rRM5TMB5RmIaJwIOFSBeuWaa7avkWT5qyGjr7iRO2 + qM/4DKgwPpIaVE8edURwCKPBkDyy4GZciPhMyNvXdPMKCppfZNxgqELWqrprT6SSYxxf+CyDCXBT + 41JvV87F2bs3p+c3Z6cn4/PL8c14MvljgvZhnhp0CT6YLoBdYAeQlpFcJgxTMtswrCYiI6bMKvar + 0JxdaMixnLDSIMLcx6pKgAnl+HfC94tkFjl1V8Tooft3WXWvWmAgUiF59vDRdvraurfCeYbabfcU + 2VRC+7osKG0fRXJ/4A6CXoPkelB6Jvhq4rbz3p9tnobHHd5+4fEtjpsN5BrmtayT7UT3nxRuxsI6 + Z1BI2AwKElaU3SpT+rzWZpaV0E011qzdUKTYK1UHW+UFDsTSPg76QVsWvhXYh0Rtybjvzo/y699j + lmpVFjQovhYywSJmGOYKmwFIVpRmAUmF0tPJMX1nwIRckmSCWcLwXwGG3QySiJgtQpe9IXYf5Yvq + +yJiVy1bISNWpNHADVz/jpyNvs5UzLOFMjYa+kPfm9dvbyqdvN5gdI1U7OoS4pJqE3urVl2rDhBj + s05KbNbhNfPYVWAs+7Pk2oJmY5liRubo3wOk0D7wgor6/OJ3dlxi7rPLmMsDVDT6eSP/uvbk3R27 + xKG10hPXJ+/H1edD/WkCTJtt76flVFgsA0RaAQpXyIhRpWR37Ap5dENM/W5w5A/DSgsCqFwmrsQ5 + 303V0luWmUTIWiwp3v3318Ri1G/J4hW4ubAaXKVTD9OaE9QFzrBUDrxR313YPCOqIsU/VZyIRYg/ + E8iVBTQjATZeYziIhnXZDxfpPwAAAP//7FhRb9tGDP4rBAIEsuacZ1m2MQd+KJI+dFiLodn2Mg+w + Il9irbKk6KQ0Rdf/vo+n0+kU2+ma7jFJ4MjkUUd95JEfNaTTtDqnQIzHIiA6va3OlzQRP8JYKyZi + JkJqFWGnCMVUzFv5tJNPBe7VymednC+nnZy9M/KxmHXyoJMH7vpJJ5+ISScPO3nYPcC825cvHbnd + ly+DwZHcMJk8CiYzRvRNxsPrvRxy8PUkMKT3ifpAr+JYFnySDgV+/o2BN+v/r8C/BP3ZQQ//c9BR + KtuysfB1ArCM/Mta0iVqLIQ/o/9Q8NOQ0IKn1K/f7e92LGwB198n4uXkfmcQZ6js/qVmA2jUf+fE + PAnx+KodefgYHIrsk3ElH90C8j/x7+wZ5xcbohDoG3xf4+inln+V12UskV6p9LmFn6HT7hIlGdfi + 1ll42RENH4TAbovcU6aFiyQfRZv7RIHFYEqYBgE4yA1DjOPQUlNmI+vidk2gffAvo4jKJo1jTmNp + 05ifQZbRdZJy1622UUV5jI0UfdyCv1Qg4MaQUbuOlKS8pDvMlZ8I03TMh1Lh7nEZ3bADIGz1LiPm + Z0IfNFD4UhI4PFUf89YkJhXLLMKsw6QGWyXxlkAVwO/T5IMEw7/BLhHcLoo0ifXLTUOeWodTCXxw + ZHlEcFc1jwaf6kxFN6gcPBGcqZqXwD91l5rtDDKKdhGMkxzcwXFeiVUW7N8dRhmQVuwM3MMAW4Iz + 4r4WHeZz1ofIIFXKqi4z5DauVJ1WjK7jA9YddEIwgCcnGG5yxBN/F3nGdW+VrdfrVcYDY0Wf6QJP + Bl70hZbEb3uTUnqnJw/BHKnV/B+0a+Nm5ZLAro2Zx0p9JczDsaQ1YLiWtL56/cvri99oTK+u6PSu + zqvzFX6am4/8RoJDeEjtj1Y4lz/wo6o8lQLzhIfsjzHjCZndD/5ib0CyYZKNRo31WjvQOKUB9ODH + kDxZlkNGcEBLPjn0GXc2z4R7bdjxLwMDDv1hE4XegtYiX4iPmitvXyEtemUcXPJIIYfmWCm3RnvF + 3Gr2yrmjeVTQHc2jku5oHhV1R/OorFvNXmF3NP3SDpx+1a9rNi1IC7PSgGRQwf0cuBgjgwlv5MLF + GBlQjKqFizGyoDiatuW1qPRUDJJFpadhkCwqPQ2DZFHpaRgki4qjaUCyqPQ0DUhOMgGvLTKJU/Ks + YYCL/ULP08yCP9Cd8I1pjIJRUV/j+Jse8DbRs6FpAb4ddgLxIB4W9Lt+n8AFyBT7NiSomCk0pXCN + JseMmmgdtAmP2TRhPGgzPWbTBPigzeyYTRMRa0MeveMOpLuT7XA6CYZNxIe67DYh5lYTpSqnoklg + Qcwj7KbzY5vqkD69qUkIdKm9DUzs3uwKMFaO27ucEv2FkAL3yUZuujaPhe9BikqJaq6+pc8b0yLn + oZxpihdtdkk2IG/wzw40pMoXlnoc5LMvXNY5wG7B+zqXDZ/JZUPmsuFTXPZfAAAA//+iU1uW3L4w + crqldVvWcNi3ZQEAAAD//+yaXWuDMBSG/8oY9DLOj1TroHQtbHR/oXfHJK6j9QM/2N9fjkmDZM02 + eiVU8EJMjjkezfGF95m17KxlZy07a9lxvWYtO2vZ+9KygQn9Q8v+dPiXxuS2DV6X9R9Q14ABPNAV + 7Bpgp4FBQErCmuq7WBBqOA07wvjslyq4Jrp8d9/FhvhmTeg6YEe03bT5PPavbXuz7YsC0LB9vOoo + YqmRuqiaGy1dVCcbYAy5jne+TgKpZP1FtBXxKs5iCsTPw4TQHJYkTROf8DjnIskzKiK0f02kXFbF + Pv8zUuD3suVc5tJiztBUZ/4ySplVSNL9TowNb0l4H42ahjEXainKIx5mgkOcrEBEkPIcaLpiGcQp + o0Gw4evhLvJZF+GbPFQcKaDUpigh6lLr9S35kiUjoYduq6e6JdaU1AAtllTGD2pe7kt5ut8R6tUl + mvA2fTb9jG18bfoZ2/jb1DOWnYorkktTEvvh43/YnaE8ibI9ftbD1kIXTcFVqtkdqhJnv/ZNVYun + g+xPDNEivQeRwZSjZqfjMpo8vc5XUFfvpS7sihrsqtH/gLvrOt8AAAD//xoK6Wu01KGHi0dLHVyl + DnqpgavxZwJv48GbQEA/pUPyZjVobTmUbQB0SX5JInRlPLopuFp5BriKMQMj7OUhrkWWBjg9gLMV + iKv1CipHsEoY45SAtxtT88oyi/LzIA1HiFBKKXRbBoRLTOiVATsV5C5YxFgeDDEMbijQpozE4rB8 + 8NJJ2BplYD6AOLkaxoRWR2Q7ALyFRR9mro5SbmJFEGRYC8Wz4EWPRSWOJRCPgxZfgxZGgrwOF0fV + bISiG6oB7Nra2loAAAAA//8DAO+eS8MFNAAA + headers: + Atl-Request-Id: + - 8272cc14-c522-4abb-8f48-7108c7f8579e + Atl-Traceid: + - 8272cc14c5224abb8f487108c7f8579e + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:46 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=270,atl-edge-internal;dur=16,atl-edge-upstream;dur=254,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 494e39b2e1dd88f221ef7edde39a9b62 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"transition": {"id": 41}, "fields": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '40' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1586/transitions + response: + body: + string: '' + headers: + Atl-Request-Id: + - 530481fc-667c-47b6-a5fd-5a62650cc955 + Atl-Traceid: + - 530481fc667c47b6a5fd5a62650cc955 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - text/html;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:46 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=453,atl-edge-internal;dur=13,atl-edge-upstream;dur=441,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 16632a6015865094d4ed20a01bfbf0a0 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0teXbskbdcubzLBKTqFdi+KSJrcYjRNSpMOxth/N8Ghe1TfLvd8 + 557DPaCWO9iOGjH05v3g2HwuoQPhpX23KfeaO6e4SQ14NENSuUHz/T/4GsadEiDBfaxBDyswHsa/ + HllZ0+kJjIDfOXcwOmVNgAnGJMUpTurN5WO9fmh+1M3Ut2FC7DlCMzzDLyETBm33fWjZ7IeYttJ2 + ksHUTkrLLwtiwUDL8rS84j6CFNM8ITQhy4ZQlhFGshRjfIEDHPwu/AHGRvXnbIYbUjGSs7xMKS2/ + WdHfmM4GEOcFzjO64FnbVkW1JMWSyIJmQtAK5IJw6DjPF+1ZgNcx4VaNPL4w6JP2d1bwuD4gfZoQ + mNdtjY7nxZ6sicr1fYOOnwAAAP//AwDS3jB9IAIAAA== + headers: + Atl-Request-Id: + - 6f18b881-f23d-402d-b09e-e316f2b32c97 + Atl-Traceid: + - 6f18b881f23d402db09ee316f2b32c97 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:47 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=158,atl-edge-internal;dur=19,atl-edge-upstream;dur=141,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 6505b5ac6aa402714432ba8139056e39 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15999 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSbbMmU7HtZXEreu6spI8OB4PTK5IxCTAAqCOxvnv3SVF + KT6Y1u40owfi2gO7335YfXZgVXKZOJGjQSagIXktIE9MT/ICTM/EGRS8p0rQ3AolTQ8SYQuwvBdn + XKaQq7S3AG1wD5IplBoMSLs5G1fGqmJOCq8D3w98V8OfFRg7W5dwrnlsRQxOzxFkPxgdHBzgxEA+ + x2lmbWkiz0tgDrFN1CflcptzYwSXrgTroSXr8VJ4oSeMqcBrFdzCGuXPZpOLWT8YjfdxqXbBONFn + x6BvlYm5hVTpdXOHBGcoEfrhsB+E/YE/C8ZRMIwG++5oMPoB/fbJSTJi0fFazQudJHkP9fnh9tqb + SQIm1qKkwOHqITMFz/MeS4SxQsaWlQJiYGrOlkrfuiQdK/lO58/0opKC0sXza77glmtvIWDp1W7t + HNxsBf4gGP9kxF/wY4Fprwq0SrBAkzNubilX1Y2lUTTnuYGe0wie4L1q2Z6TCQSOjrP1KSwAffW/ + 9BwrEFklosSJZIV3dB7AZOB3bQTtRqnVJ7zqCzOxka7zUGe2zQNNvkLP7rrvpLAWFRhna5sg/Gt9 + 1qi5XXJNQDaiKHOBDicPQoKJquE3HK+G42e6+42UtTfZJmzoE9zD4Soc/r9WGljUIEWDwd4q2Pse + BletxUG4GoTfw+IG+V++PIZj2IXTQbsxF6v3DTli9i+vEA1pqiFFvvnHIhi1G3gBlVcNLzx9dK9r + Y79jI+zcGHdtHDx2p6HNZpVIqX4hnKgf4JRbfDgawn1+fTZ0viNwr1Gnqfrq4ZGqKHABkfIHWhAy + dSKrK8AsoVL7HhNLNdg4V+sj/VrETRw/P1ojX1HYZKrKk2NhypyvNzVMmdeAlyWaeOqRCMNB+0g8 + DFsXlYVbKnu4sQVVqYXSwq5fGMRW3Ktfmn//VoiCp2A8kjCtEoELmUgz1yzSHSm+xZWWPUPncX2E + 2zLI+Q0Q/1EFPOwJusAbdGE0GFNEMm4mpYhPhbx9TTvHUFL/IuM2a3Uul/XedkUqOcH2hd/kMAVu + GiTozcg5P3335uTs+vTkaHJ2MbmeTKe/T/F+WKcGQ4IHZhmwcyR6aRnZZcIwJfM1Q9IQOSllVrFf + hObsXEOBrMEqg6h1nyKPAAvK8e+E75fJp8hpXkXMHoZ/V1X32AITkQrJ84eHNt3XJrw1rnP0riUc + zGwqYXu6KqlsO5E83m+R3DRKLwRfI7x9YO/3Ns/D4w5vP/P4FtvNFnKt8sbW0aaj+08Ot21hUzNo + JGz7AQlLqm6VK33WeHOTV9BPNbLErilS7Fg1yVZFiQ2xtE+DftRFC6MtLXwr4/fD+VF+/TtkqVZV + SY3iayETJEbDsFbYDYBkZWUySGqUnkwP6XsDTMgFGSCYJQz/CjB8tCCJSFkWuuwNqfsoX9XfVxG7 + 3KoVMmJzjGEW+e7A9e8o3hjuXMU8z5Sx0dgf+968OX5du+UN9vwrFGSXFxBXRE/srVr2reoQxmc5 + qfBZDq+Yxy4DY9kfFdcWNJvIFIuywBB3iML2gBfU0mfnv7HDCsufXcRcdkhRk+cd+FdNMO/u2AX2 + rbWfOD56P6k/H5pPm2OabF55Gs6ERSYg0RpTOEJFjMiS3bFL1NEPkdz6wV4QHNReEEblInEltvpu + qhbeosolotYiq3j3z1+RiqHfxJrk4iW4hbAaXKVTD0ubE9wFtqtECR4edTNb5CRXpwq/dbJIzxTS + KucYyhX9a6vdPwYp/gYAAP//7FnbTttAEP2VFVJREsXGsZ0rQjQoRVCJqipqH+gLG++auHXiyHHC + Q/n4nllvlsRkaUvVKg8IlItnZy8zs2fOTHhKwXMt8xWKM+aw2jkpNtlhWhxDue36dYvxtKuP/KBN + Cw6RWFeySbZRlJg9kE0ba4sOGsoo9Iw1RkvJRohAPHyP28n8fpMBoNpsO7rXf5OWa8JbfQ/cf3we + bHykcARX/FvGCGGx11/qsRpe6rtO/eyZWQNBhudf8ea8yN9YEqGjpvi7iNs2fOM6W+Yw43mSSoCB + LE19eFccq/DaGDh6BKkGwMQsmwG99N13k+yIi1WyANCBYbT9DvArJiMjWNZpjZx3qya/Zci9jLaK + mlJn21z7XG+EfC6Mzxfa5/cTwj6O+WZ3DKQ7ghxpO8p5TCtRkgYmzZeFC8t/eZz/CuCTSg1y26I1 + qx9shBFGfFREVazFkMIyJ0a8MQFGTqCNhwhJdSUHVWM2Nx4sQG4sgnwlHUpfSfR0YCmN+YoS7oaX + CMMG9ELBha/DKMJ8AySIcZpE2oNXicoK2oGfFXEgm2vPlKdiWc5SCHLXeP5yOudRQTofMpaoLwxA + vkqEFFux9AkXCmwKS/9JhGjVeUZ5gAK8xsU0mdVZrf4wRQAX2QBB+5SLtw0drVIxWzZuhZvZuMjB + P1ShQYVCdagp1yqC0BROFYFn0/BsjNgzjHhtHttAWxXnmc1sMcsqv+BFwaMJpc6SvSyW0yknanVg + y/1kbSqRsvyF/Ivu4CmPIirsLsVJtwUg9N4EQ9npdcadkDte7HedMOZtp9/veo7oxEJ243EoA+Jq + RhPLlrqD39SUFDJDIeg+0Z55nqXi7caWQeVogWe7OMof0gUbVMNIZ91JCOJA+GMpeKfb4zLgfRHz + sN+LxrzTj8JW61ScqFlw1jf+Of5LPWfKZ5q+OE75aOEuF849TOb4LvEit7ysZFNnzvmCTAp9lQtQ + 7uDjxZkTuvMZMeZqR2j/d1xtKe3/jqstqX3fMVBMlI0OXdJcqOBnZymffZezxSSZq6tFLK7srpRA + eAPWi9Hvlnk2l0c3QKKI+gD6DlJfFFJz02kZ3SbeXQyFNvgNbT2S0NZ4Cw3E5zo/vMLRHgbeKxz9 + jx2/wpENjqqoYWieYUXY+l15BX/Q7z36s4cFs4Lrn7Gqs1j5nBXGrETP3w2Uto6oZ2O2hAo7BZ45 + ckUQ9A5+AgAA///CIQFvOqbmlWUW5edBmocQoZRS6BwqhEtU6OXnQkyohjGhtQMZpTXS9K8+zFwd + pdzEiqDU4tIckMFIdoMHDItKHEsg7ijLL6HePAXEMLihQLsyEovD8sHjrbCpBNBMCWgUE2Ql3CGo + rjVCcS5UAzh4amtrAQAAAP//AwDNg8Y6sh8AAA== + headers: + Atl-Request-Id: + - 904e4ef1-3592-4a5a-8181-33462edf9e17 + Atl-Traceid: + - 904e4ef135924a5a818133462edf9e17 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:47 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=274,atl-edge-internal;dur=23,atl-edge-upstream;dur=251,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - cae621907ca553677f1a76ab38220c39 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 4bb43564-4423-41b8-9466-145193f67b9e + Atl-Traceid: + - 4bb43564442341b89466145193f67b9e + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:47 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=277,atl-edge-internal;dur=14,atl-edge-upstream;dur=264,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - a924d760ab797f32fa5a1afaeaaf2806 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: fresh:0.3.0", "description": "\n\n\n\n\n\n\nA group + of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: fresh:0.3.0|http://localhost:8080/finding_group/360] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2017-16119|https://nvd.nist.gov/vuln/detail/CVE-2017-16119] + | [400|https://cwe.mitre.org/data/definitions/400.html] | fresh | 0.3.0 | [Regular + Expression Denial of Service - (Fresh, < 0.5.2)|http://localhost:8080/finding/235] + | Inactive, Verified, Risk Accepted |\n\n*Severity:* High\n\n *Due Date:* Jan. + 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial + of Service - (Fresh, < 0.5.2)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2017-16119|https://nvd.nist.gov/vuln/detail/CVE-2017-16119]\n\n\n\n\n\n\n*Source + File*: express>fresh\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/526\nAffected + versions of `fresh` are vulnerable to regular expression denial of service when + parsing specially crafted user input.\n Vulnerable Module: fresh\n Vulnerable + Versions: < 0.5.2\n Patched Version: >= 0.5.2\n Vulnerable Paths: \n - + 0.3.0:express>fresh,express>send>fresh,express>serve-static>send>fresh,serve-favicon>fresh\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.5.2 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/526\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '1975' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15999 + response: + body: + string: '' + headers: + Atl-Request-Id: + - f33d4c94-aa5f-46ae-aa8e-b1c59ca37fed + Atl-Traceid: + - f33d4c94aa5f46aeaa8eb1c59ca37fed + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:48 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=448,atl-edge-internal;dur=19,atl-edge-upstream;dur=420,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 354f60827b4f96e929f2c076f4199e91 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15999 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSY7MmU7HtZXEreu6spI8OB4PTK5IxCTAAqCOxv7v3eUh + xYfS2p1m9EBce2D32w+rLw6sSi4TJ3I0yAQ0JG8E5InpSV6A6Zk4g4L3VAmaW6Gk6UEibAGW9+KM + yxRylfYWoA3uQTKFUoMBaduzcWWsKuak8Crw/cB3NfxZgbGzdQlnmsdWxOD0HEH2g9H+/j5ODORz + nGbWlibyvATmENtEfVYutzk3RnDpSrAeWrIeL4UXesKYCrxOwQ2sUf50Njmf9YPR+DUu1S4YJ/ri + GPStMjG3kCq9bu6Q4AwlQj8c9oOwP/BnwTgKhtHgtTsajH5Av31ykoxYdLxW80InSd5DfX64uXY7 + ScDEWpQUOFw9YKbged5jiTBWyNiyUkAMTM3ZUukbl6RjJd/r/JleVFJQunh+xRfccu0tBCy92q2t + g+1W4A+C8U9G/AU/Fpj2qkCrBAs0OePmhnJVXVsaRXOeG+g5jeAx3quW7TmZQODoOFufwALQV/+u + 51iByCoRJU4kK7yj8wAmA7/bKLX6jDd6YcBb6TrcdQK7cNPkK5Bsb/VeCmtRgXE2tgmpv9ZnjZrb + JdeEVyOKMhfocPLg5piPGmXD8Wo4fqa738hMd5NNXoY+oTocrsLh/2ulyX6NRTQY7K2Cve9hcNVZ + HISrQfg9LLYAv7t7DMdgF07DXRuDbmMuVh8ackRYXFwiTNJUQ4p8849FMOo28GYqrxpeePro3q6N + 1zs2wp0b410b+4/daWizWSVSql8IJ+oHOOUWH46GcJ9fuA2dbwnca9RpKst6eKgqClxApPyRFoRM + ncjqCu5aniZtWsRN1L48WiPP8KjJVJUnR8KUOV+3pYzL6Jb9gJih8m6joQEvS/zx1CMRhoPukXgY + tg2VPdzYBapwA6pSC6WFXb8wiJ24V780//6tEAVPwXgkYTolAhcykWauWaRbtnyHKx2ths7jwgk3 + ZZDzayBipAp42BPsAm+wC6PBmCKScTMpRXwi5M0b2jmCkvoXGXd5rLO7rPc2K1LJCbYv/DqHKXDT + YEO3I+fs5P3b49Ork+PDyen55Goynf4+xfthnRoMCR6YZcDO8AWQlpFdJgxTMl8zZBORk1JmFftF + aM7ONBRIJ6wyiFr3KVYJsKAc/1b4fpl8jpzmVcTsYfi3VXWPLTARqZA8f3io7b7a8NZIz9G7jnAw + s6mEzemqpLJ9EsnDsRvuhR2Sm0bpheBrhDcv7/3e5nl43OLtZx7fYLvZQa5T3tg6bDu6/+Rw1xY2 + NYNGwq5RkLCk6la50qeNN9d5Bf1UI29smyLFjlSTbFWU2BBL+zToR7toYbShhW9l/H44P8mvfwcs + 1aoqqVF8I2SCxGgY1gq7BpCsrEwGSY3S4+kBfa+BCbkgAwSzhOFfAYaPFiQRKctCl70ldZ/kq/r7 + KmIXG7VCRmyOMcwi3x24/i3FG8Odq5jnmTI2Gvtj35s3x69qt7zBnn+JguziHOKK6Im9U8u+VTuE + 8b1OKnyvw0vmsYvAWPZHxbUFzSYyxaIsMMQ7RGFzwAtq6dOz39hBheXPzmMud0hR9+ft+5dNMG9v + 2Tn2rbWfOD78MKk/H5tPl2OatK88DWfCIhOQaI0pHKEiRmTJbtkF6uiHSG79YC8I9msvCKNykbgS + W303VQtvUeUSUWuRVbz75y9JxdBvYk1y8RLcQlgNrtKph6XNCe4C+1iiBA+PupktcpKrU4XfOlmk + ZwpplXMM5Yr+tdXuH4EUfwMAAP//7FnbTttAEP2VVSVQEsXGcZyEBCEKoggqUVWg9oG+sPGuiYsT + W7YTHsrH98x6syQmS1uqVnlAoFx29jKemT1zZsITCp5rmS9QnDGHNc5oYZvtJuUBFvdcv2kxnnb1 + nt/t0YEXMyrwFrJN1lFsuc2u4uKeHYehzCjaHsnIraWJRy1lJRpjrdO5ZKcISQx+xHVl/rDNgFg9 + th7uy79JxzXxrr533X/8gFD8VAEL7vz3lBHkQtdfrmMNvDQ3PfWLz8xaiDqMf8Ob86oAwJGIJbXF + 34XguuFb1+k8hxnP4kQCHWRl6t278kDF28rE0yfUagFdzLEp4EyDgRune1ws4gLIB8rR8/sAtIiM + jGBZ5jly3q3a/JYhGTNSFUWmTr+59rlWhHwujM8L7fOHCYEhx36zOwYWHkKOPB7mPKKTKGsDpLJ5 + 6cLyX5/2vwQaJVKj3rpoSfNHK2GEGZ8VcxVLMaSwzKERr2yAmROsxiBCUt3RUd2Y7ZWBAmzHIsgX + 0qF8FofPJ1bSiC8oA694iUBtRC8UXPhKV7SAOtl8nMSh9uBlrNKEduAXxSTI5toz1VOxNGcJBLlr + PH8xzYAEtOZTymL1hQHZF7GQYi2WrnChQK9w9J9EiF6apZQYKMAbXEzjWZM1mo9TBHCZjhC0z8l5 + z/DTOjezpedOYBOYao3ydpmDqaiShIqM2tTAVFI1gWf2qAtsFNkzFHlpHttEW1nnGWXWqGadcPCy + 5OGEcmlFZ4r5dMqJa72zkQGyNtVMaf5KQkZ38IiHIVV6F+Jw0AEQejvdY9nf74/7AXe8yB84QcR7 + znA48BzRj4QcRONAdom8mZU4tlo7+s2VkkLmWAi6T6Qzz9NEvF9RGdyODnix36P8IV3QQzWN1ix7 + Dt2oK/yxFLw/2Oeyy4ci4sFwPxzz/jAMOp0jcah2wbPu+Gf4r9Y5Uz7TfMZxqqHCnRfOA0zm+C4R + Jbe6rGRTJ+O8IJNivcoFqH/w8fzECdxsRhS63jvafo3rzaft17jevNp2jQFWouqF6BrnXAU/O0n4 + 7F7OikmcqatFpK5qt1R4dwMajNkf5nmayb0bIFFIjQF9B6mDCqm56XSM7htvro4CG/wGtqZJYOvE + BQbic50f3uBoCwPvDY7+h8ZvcGSDozpqGJpnWBFUv6uu4A/6ZUh/9nBgWnL9u1Z9Fyufs8KYlej5 + m4HS1iL1bMyWUGGjwHtitj8BAAD//0KVMMalwxjedEzNK8ssys+DNA8hQiml0ElVCJeo0MvPhZhQ + DWNCawcySmuk+WB9mLk6SrmJFUGpxaU5IIOR7AaPIBaVOJZA3FGWX0K9iQuIYXBDgXZlJBaH5YMH + YGGzDaCpE9CwJshKuENQXWuE4lyoBnDw1NbWAgAAAP//AwA8odpCwx8AAA== + headers: + Atl-Request-Id: + - e0531eeb-9979-46ca-a2d6-bb4db28c1f59 + Atl-Traceid: + - e0531eeb997946caa2d6bb4db28c1f59 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:48 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=291,atl-edge-internal;dur=15,atl-edge-upstream;dur=277,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 29144bfb620aff50a0811e16df8a70ef + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"transition": {"id": 41}, "fields": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '40' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1587/transitions + response: + body: + string: '' + headers: + Atl-Request-Id: + - 89bd7774-427a-4461-b2fc-f7326466b937 + Atl-Traceid: + - 89bd7774427a4461b2fcf7326466b937 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - text/html;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:49 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=513,atl-edge-internal;dur=14,atl-edge-upstream;dur=499,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 1fe414e6e121d9bdb366059b1c6d0675 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0teXbskbbc2bzLBKTqFdi+KSJrcYjRNSpMOxth/N8HB9qi+Xe75 + zj2He0Atd7AdNWLow/vBsflcQgfCS/tpU+41d05xkxrwaIakcoPm+3/wNYw7JUCC+1qDHlZgPIx/ + PbKyptMTGAG/c+5gdMqaABOMSYpTnNSb6+d6/dSc1c3Ut2FC7DVCMzzDbyETBm33fWjZ7IeYttJ2 + ksHUTkrLHwtiwUCXy9PyhvsIUkzzhNCEVA2hLCOMZCnG+AoHOPhd+AOMjeov2Qw3pGQkZ3mVVssz + K/o709kA4rzAeUYXPGvbsigrUlREFjQTgpYgF4RDx3m+aC8CvI4J92rk8YVBn7R/sILH9QHp04TA + vG9rdLws9mJNVG4fG3T8BgAA//8DAF8wrQMgAgAA + headers: + Atl-Request-Id: + - db1a6ced-5634-4988-bdf9-3c4a6d3f56f2 + Atl-Traceid: + - db1a6ced56344988bdf93c4a6d3f56f2 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:50 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=139,atl-edge-internal;dur=15,atl-edge-upstream;dur=125,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 177f4088db778be657711f625dbd342d + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/TEP8loTgmU6HgXBHSykNAT5wTEaxN7YOR/JJckh68N+7smMH + QkwLnd4wg21J+6LdZ5/dfLdgmVEeWYElgUcgITphkEaqzekcVFuFCcxpW2QgqWaCqzZETM9B03aY + UB5DKuL2AqTCPYhGkElQwPX6bJgrLeYzo3DiOo7rdCR8y0Hp8SqDC0lDzUKw2hYz9t3ewcEAPxSk + M/xMtM5UYNsRzCDUkfgqOlSnVClGeYeDttGStmnGbM9mSuVgVwruYYXy5+Ph5XjP7Q36uFS4oKzg + u6XQt1yFVEMs5Kq8Q4RfKOE5XnfP9fZ8Z+wOArcbdPudbnfwE/rtGCeNEY2OF2o+6KSRt1Gf49XX + Xn9EoELJMhM4XD0kak7TtE0ipjTjoSYZgxCImJEHIe87RjoU/Eqm7/Qi58yki6YTuqCaSnvB4MEu + 3No4uN5yHd8d/KLYX/DzHNOez9GqgQWaHFN1b3KVT7V5C2Y0VdC2SsFTvFch27YShsCRYbI6gwWg + r85T29IMkZUhSqyA53hHawsmvtO04VYbmRRf8aofzMRaushDkdkqD+bjGXo2173iTGtUoKzatoHw + b8VZJWb6gUoDZMXmWcrQ4WgrJJioAn7dwbI7eKe7b6SsukmdsK6zj2543aXX/X+tlLAoQIoG3f7S + 7f8Ig8vKou8tfe9HWFwj/+npNRy9Jpz61caMLa9LcsTs394hGuJYQox8849F0Ks28AIizUte+BDc + Nwp2I/4l89wgvZCEKjIF4CQUCGjQEBHBiU6YIgVLGP5Zl8YxEr+1Izj9povtN2x4jRuDpo2D1zF6 + i8v9mssNhxYNzQr2XPykGvtc2R/eH9+y+2z6jV2qk4YsitcjkZs8u6aH3JgFxmMr0DIHjBsq1deI + Q0MZ5WUKfUa/ZGGV9u014ysKq0TkaXTMVJbS1ZpyTC4kYBhMjl/Fwe929gduFYftgDYxr1cz7/ZG + XQOZZEIyvfpgECtxu2iM/761sTmNQdlGQlVKGC4kLE46ahFvgPoZVyroezsQ6/lVTUxaQWvilv/d + fr8/aT22zAnHe7ZjwpfSKRheN5W9Pes04d9tgrk7MKHDyhtmLDxj/P7E7BxDZuYyHlbpLZL+UOzV + K1zwIY5ldJrCCKgqISPXb9bF2dWn0/PJ2enR8PxyOBmORn+M0HnkH4WxwwPjBMgFNjCuibGLJY7V + nq4IkiFLjVKiBfmVSUouJMyRDUmuEN6dXaToYk1aziNznCyaBlbZ7THNmCdTmOXNX7AgZixmnKbb + h9ZT5Tq8RQGk6F1FpAiBmEN9Os9M5e+EfDHG7VeQLwfAD6K0FK4HuJfM+T7gbjHo1jRYGjpaj6n/ + ydtq1rX9tRG/GnKi0nAoUiHPS18wL8C3XCuyjH0A37nejfZeE3H0auJ4K9Uv4/iFP/87JLEUeWYm + 3xPGI6ROtWlPWa4S7E0GnqejQ/OcAmF8YQwYfEUEf9sQ7MIQBUZZ4nXIJ6PuC28Vz1ZAbmu1jAck + i4Nex+04jybQGOdUhDRNhNLBwBk49qw8Oyl8sv3ewR1KkdtLCHPDXuSzeNjTokEYh4woxyHDuyM2 + uXWVJn/mVGqQZMhjLMU5xrdBFOoDtltIn1/8Tg5zLHpyGVLeIGVGVvvAuSsj+fhILnEKL/zE96Pr + YfG4KR9VgsnfAAAA///sWN9v2zYQ/lcOCBDInk3V8q/FgR+KOA8d1qJIur3UBazIjC1UlhRRcjK0 + /d/3HUVRUmx3a7unoU5gS3c88vTd8e6jcGM4C1++C3PsfzbVyYQrTERcS+kzvcccfQ97vj+YvPjV + 015wcsb7tYhxcBGbZO/uiyhGuuaoJW57/Aee4mJkzYJHKXZhnkmRZBsX+9nnNA/BvbkOuBcjsc13 + EVulG3zpOPEUHj43cpfkEo+xlnT9hHCwDfXJebvp0XmUX5InBgPhEZ1v8ss5DcULGGvFUKBAUKUY + 1YqRGItpJR/X8rHAXJV8Usv5clzL2TsjH4hJLfdqudccP6zlQzGs5aNaPqofYFqvy5cNuV2XL73O + idwwmex6wwkj+irm0/he9jj4+gTTo5tQfaSXQSBT3knHAj/9xsCb8f9V4H8G/buDPvrXQUeprMrG + rKsTgGXUXRSSFqixEP6G3kPeRY/Qe8fUrt/V33YgbAHX90Pxc+f+YBAnqOzdhWYCtAAVICZIiMc/ + 2pGDr86xyH41rtRFt4D8PX7637F/sSAKgZ7gxxpHO7W6t0mRBRLpFckut/A+Ou0uVJJxTTeNgYua + aHRBCOyyyD1lWrgIE9df70MFsoJzxNjzwEHuGWJsh4qTMhtZpZsVzscx/IvJp6xM44DTWNo05meQ + mX8XRtx1862fUxJgIUWPW8knalkZMmp3vpKUZPSAs95fpFIZ8KZUmD3I/Ht2AFyt2MXE9EzojQbu + nkkCeaf8MalMAlKBjH2chpjUYKkw2BKoAoh9FH6UoPb3WMWH22kahYF+W2vIU+VwJIEPtiyfDZqj + ykeDT0Ws/HtUDj4K9FXBQ+CfeojMcgYZRTsfxmEC7tBwXoll7B3ODqMYSCt2Bu7h2JyBT2Jeiw7z + OeuDb5DKZF5kMXIbV6qIcka34QPGHXVCMIBnZzjVJIgn/q+SmOveMl6tVsuYj5Q5faIrPBl40Rea + E7++DjPpnJ89eVOkVvnbqcYG5cg5xfLRmDms1FfCPBxLKgOGa06r2+vfr6/e0YBe3tL5Q5Hkl0t8 + ysndbinBJjym7rpL7Mtf+FFVEkkRJRsH2R/gcCdkvO98YG9AsmESu25pvdIOlE5pAB340SNHZlmP + EezQnHcOfcLM5pkw15od/9Ix4NCfNlHoNWgt8oV4qzXl1auvWauMg0ueKOTQnCrl1uigmFvNQTlv + aJ4V9IbmWUlvaJ4V9YbmWVm3moPC3tC0SztweqtfEq0rkGZmpAHJoIL5GnAxRgYTXqgJF2NkQDGq + Ci7GyILS0FQtr0KlpWKQLCotDYNkUWlpGCSLSkvDIFlUGpoSJItKS1OC1Egm4LVFJnFK9ksGODss + 9HyamfEXuhPumMYoGKXFHba/6QGvQ302NC2gaw87nngSTzP6Q79I4AJkin0VElTMCJpMNI2Gp4zK + aB21GZ2yKcN41GZ8yqYM8FGbySmbMiLWhhx6wx1Idyfb4XQS9MqI93TZLUPMrcaPVEJpmcCCmEfY + RaenFtUh/fqiJiHQpQ4WMLF7tUvBWDlubxIK9Q0hBfbhWq7rNo+BNyBFmUQ1V9/S541pmvChnGmK + 4693Ydwhp/N5BxqSJzNLPY7y2f8Dl/0bAAD//0KI07Uta0JmW9YE1JY1GQRtWXL7wsjpltZtWUP0 + tiwAAAD//+ya32qDMBTGX2UUehkXNdVaKF0LG90r9O6YxHW0VfEPe/3lGBu6rNlGr8oIeCEmxxyP + 5vjB9/Na1mtZr2W9lvVa1mtZr2X/jZYNTegvWvY7AzAz8Irt7Lo8vpBdenxdA/wwAA4IKNhTDdVi + DTCDclgD1BVBXQY7NQb7uTyuiS6uhJpkvhjVtmsJXQd8j56c9kTb/nQCNGsnVx1FLDVyGVVzo52L + 6mQFnCNN8iqWaaiULJ3Ga5nMkzxhQGgRpYQVMCNZllIikkLItMiZjNFSNpFqWR27+GOkxO9lLYTK + pcWcoamO4ukiZV4hGvgz6Ta8DBm8NXoaxpxpq7iIRZRLAUk6BxlDJgpg2ZznkGScheFKLIe7qGed + Ri/q0HHkBOVoihKiL7VB35IPVTISBei2BrpbYk1JDdBiSVX8oObVvlSn2w1hQV0iJ2JTc/efsY3d + 3X/GNrZ37xmrFiY0XTUCEtvh43/YHKE8yLLdv9fD1kIXTSNdugvuEJxYTJ77pqrl4061IY7w0bgH + kR1Vo2an4zIjSnudr2Cu3stcYBZzwYnM9Pdm/DmM7egTAAD//xotjgZTwhstjujh4tHiCFdxhF5q + wNt48CYR0OnpkCxYDVoTD2UbAC3ML0mELvVHNwVnYw5nMYazlWeEvaDEtbrSAFezFlQqYJUwgHsZ + TcIYlw5jeLsxNa8ssyg/D9I2hAillEL3mUC4RIVefi7EhGoYE1o7kFFaI22R0YeZq6OUm1gRBBll + QrEbvP6wqMSxBOKOMmDnhtwVkxiLoyGGwQ0F2pWRWByWD167CVu/DFqenZMP6kIgOQTVtUYozoVq + AAdPbW0tAAAA//8DAJUrt8bWNAAA + headers: + Atl-Request-Id: + - b27d138d-f7ed-4536-adf8-1396efe38db2 + Atl-Traceid: + - b27d138df7ed4536adf81396efe38db2 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:50 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=286,atl-edge-internal;dur=11,atl-edge-upstream;dur=275,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - bfb0f0ea272e55a771394a4293d86614 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 143dae7a-752d-4675-b944-d0c11d98120d + Atl-Traceid: + - 143dae7a752d4675b944d0c11d98120d + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:50 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=327,atl-edge-internal;dur=12,atl-edge-upstream;dur=315,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 410a178f5c013a18def67fb7d4945df1 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: pg:5.1.0", "description": "\n\n\n\n\n\n\nA group of + Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: pg:5.1.0|http://localhost:8080/finding_group/359] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [2222Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236] | Inactive, + Verified, Risk Accepted |\n| High | [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/234] | Inactive, + Verified, Risk Accepted |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 + \n\n\n\n\n\n\n\n\n\n\nh1. Findings\n\nh3. [2222Remote Code Execution - (Pg, + < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < + 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= + 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 + < 7.1.2)|http://localhost:8080/finding/236]\n*Defect Dojo link:* http://localhost:8080/finding/236 + (236)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, + < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < + 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= + 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 + < 7.1.2)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/521\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '7161' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 53b61aa9-36e3-4e04-8824-e88e50b2631c + Atl-Traceid: + - 53b61aa936e34e048824e88e50b2631c + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:51 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=272,atl-edge-internal;dur=14,atl-edge-upstream;dur=260,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 5b3f7d6fe31945a5272ad8727cb08129 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/pCF+yQvGM50OA7k7WkppCPCBYzKKvbF1OJIrySHpwX/vym+B + EDOFTm+YwbakfdHus89uvluwyiiPrMCSwCOQEH1ikEaqw+kCVEeFCSxoR2QgqWaCqw5ETC9A006Y + UB5DKuLOEqTCPYjGkElQwHV1NsyVFou5UTh1Hcd1uhL+ykHpyTqDC0lDzUKwOhYz9t3B4aGPHwrS + OX4mWmcqsO0I5hDqSHwTXapTqhSjvMtB22hJ2zRjtmczpXKwawX3sEb588nocrLvDvwhLhUuKCv4 + bin0LVch1RALuS7vEOEXSniO1993vf2eM3H9wO0H/WG33/d/Qr8d46QxotHxQs0HnTTyNupzvOba + 1UcEKpQsM4HD1SOiFjRNOyRiSjMeapIxCIGIOXkQ8r5rpEPBr2T6Ti9yzky6aDqlS6qptJcMHuzC + rY2D1Zbr9Fz/F8X+hp8XmPZ8gVYNLNDkhKp7k6t8ps1bMKepgo5VCp7ivQrZjpUwBI4Mk/UZLAF9 + dZ46lmaIrAxRYgU8xztaWzDpOfVGJsU3vNEHA15JF+EuEliH23w8A8nmVlecaY0KlNXYNkj9rTir + xFw/UGnwqtgiSxk6HG3dHPNRoKzvr/r+O919IzP1TZq89J0DdMPrr7z+/2ulzH6BRTToDlfu8EcY + XNUWe96q5/0IixXAn55ew9Ftw6nXttGrN+ZsdV2SI8Li9g5hEscSYuSbV0WAFxBpXpb/h+C+UbAb + 8S8J5gZZhCRUkRkAJ6FAQIOGiAhOdMIUKcjA0ExVGifI79aO4AzaYjBs2zho2fBaN/y2jcPXwXuL + y3sNlxsOLRqaFey7+Ek19rmyP7w/8GX32fQbu1QnDYsUr8ciN3l2TQ+5MQuMx1agZQ4YUFSqrxGg + hkvKyxT6jH7JwhoP22vGVxRWicjT6ISpLKXriotMkiRgGEzyX8Wh1+8e+G4dh+2ANsy7vdFWA15T + A5lkQjK9/mAQa3G7aIz/vrWxBY1B2UZC1UoYLiQsTrpqGW8Q/AVX6prwdkDZ69XFMt0L9qZu+d8d + DofTvcc9c8Lxnu2Y8KV0BobwTWVvzzpt+HfbYO76JnRYkqOMhWeM338yOyeQmbmMh3V6i6Q/FHvN + Chd8hGMZnaUwBqpKyMjqzbo4u/p8ej49Oz0enV+OpqPx+I8xOo/8ozB2eGCSALnAzsY1MXax9pEG + 0jVBlmSpUUq0IL8yScmFhAXSJMkVwru7iy1drEnLeWSOk0WzwCq7PaYZ82QKs7z5CxbEjMWM03T7 + UDVVVuEtCiBF72oiRQjEHJrTeWYqfyfkizHuoIZ8OQB+EKWlcDPAvaTU9wF3i1q3psHS0HE1pv4n + b+tZ1+5VRnr19BOVhkORCnle+oJ5Ab7lWpFlbBD4zvVutA8a4ngro9tCDam8jONX/vzviMRS5JmZ + fD8xHiF1qk3fynKVYNMy8DwdH5nnDAjjS2PZ4Csi+NuGYBeGKDDKEq9LPht1X/le8dwLyG2jlvGA + ZHEw6Lpd59EEGuOcipCmiVA68B3fsefl2Wnhk90bHN6hFLm9hDA37EW+iId9LVqEcfqIcpw+vDti + k1tXafJnTqUGSUY8xlJcYHxbRKE5YLuF9PnF7+Qox6InlyHlLVJmlrUPnbsyko+P5BKn8MJPfD++ + HhWPm/JRJ5j8AwAA///sWN9v2zYQ/lcOCBDInk3V8q/FgR+KOA8d1qJIur3UBazIjC1UlhRRcjK0 + /d/3HUVRUmx3a7unoU5gS3c88vTd8e6jcGM4C1++C3PsfzbVyYQrTERcS+kzvcccfQ97vj+YvPjV + 015wcsb7tYhxcBGbZO/uiyhGuuaoJW57/Aee4mJkzYJHKXZhnkmRZBsX+9nnNA9ByrkOuBcjsc13 + EVulG3zpOPEUHj43cpfkEo+xlnT9hHCwDfXJebvp0XmUX5InBgPhEZ1v8ss5DcULGGvFUKBAUKUY + 1YqRGItpJR/X8rHAXJV8Usv5clzL2TsjH4hJLfdqudccP6zlQzGs5aNaPqofYFqvy5cNuV2XL73O + idwwmex6wwkj+irm0/he9jj4+mjTo5tQfaSXQSBT3knHAj/9xsCb8f9V4H8G/buDPvrXQUeprMrG + rKsTgGXUXRSSFqixEP6G3kPeRY/Qe8fUrt/V33YgbAHX90Pxc+f+YBAnqOzdhWYCtAAVICZIiMc/ + 2pGDr86xyH41rtRFt4D8PX7637F/sSAKgZ7gxxpHO7W6t0mRBRLpFckut/A+Ou0uVJJxTTeNgYua + aHRBCOyyyD1lWrgIE9df70MFFoNzxNjzwEHuGWJsh4qTMhtZpZsVDs4x/IvJp6xM44DTWNo05meQ + mX8XRtx1862fUxJgIUWPW8lHbVkZMmp3vpKUZPSAs95fpFIZ8KZUmD3I/Ht2AFyt2MXE9EzojQbu + nkkCeaf8MalMAlKBjH2chpjUYKkw2BKoAoh9FH6UoPb3WMWH22kahYF+W2vIU+VwJIEPtiyfDZqj + ykeDT0Ws/HtUDj4K9FXBQ+CfeojMcgYZRTsfxmEC7tBwXoll7B3ODqMYSCt2Bu7h2JyBM2Jeiw7z + OeuDb5DKZF5kMXIbV6qIcka34QPGHXVCMIBnZzjVJIgn/q+SmOveMl6tVsuYj5Q5faIrPBl40Rea + E7++DjPpnJ89eVOkVvnbqcYG5cg5xfLRmDms1FfCPBxLKgOGa06r2+vfr6/e0YBe3tL5Q5Hkl0t8 + ysndbinBJjym7rpL7Mtf+FFVEkkRJRsH2R/gcCdkvO98YG9AsmESu25pvdIOlE5pAB340SNHZlmP + EezQnHcOfcLM5pkw15od/9Ix4NCfNlHoNWgt8oV4qzXl1auvWauMg0ueKOTQnCrl1uigmFvNQTlv + aJ4V9IbmWUlvaJ4V9YbmWVm3moPC3tC0SztweqtfEq0rkGZmpAHJoIL5GnAxRgYTXqgJF2NkQDGq + Ci7GyILS0FQtr0KlpWKQLCotDYNkUWlpGCSLSkvDIFlUGpoSJItKS1OC1Egm4LVFJnFK9ksGODss + 9HyamfEXuhPumMYoGKXFHba/6QGvQ302NC2gaw87nngSTzP6Q79I4AJkin0VElTMCJpMNI2Gp4zK + aB21GZ2yKcN41GZ8yqYM8FGbySmbMiLWhhx6wx1Idyfb4XQS9MqI93TZLUPMrcaPVEJpmcCCmEfY + RaenFtUh/fqiJiHQpQ4WMLF7tUvBWDlubxIK9Q0hBfbhWq7rNo+BNyBFmUQ1V9/S541pmvChnGmK + 4693Ydwhp/N5BxqSJzNLPY7y2f8Dl/0bAAD//0KI07Uta0JmW9YE1JY1GQRtWXL7wsjpltZtWUP0 + tiwAAAD//+yayWrDMBCGX6UEcpTrRfESCGkCLekr5DaW5KYkXvBCX78ayxGtGrWlJ1MEPhhLY43H + 1viH/3Na1mlZp2WdlnVa1mlZp2X/jZYNdOgPWvYrA7DS8Irp7NrggIDaBjQcgq5g3wI7j+QDkgvG + VN/GkVDNeJgRNoPd1wb7tTy2iTauxNdrfjKqTTsT+h7YCT055Yl2Q1kCmrWLm44ilhq5jLr9o52L + 6mQLjCFN8sw3SSCVrL+MdiJO4zymQPwiTAgtYEWyLPEJjwsukiKnIkJLWUfKZVXs+peRAr+XHecy + lw5zhra+8IcPKbMa0cDvEbjxZQjvpVXTMOaKYUVFxMNccIiTFEQEGS+AZinLIc4YDYIt34x3kc+6 + DJ/koeJICdVkihKiLnXe0JE3WTISeui2eqpbYk1JA9BhSWX8qOblvpSnhz2hXlMhJ2LidPPP2OTx + 5p+xyfPNPWPZqbiiqyZA4jB+/Hf7C1RnUXWn12bcWuiiKaRLNbsjghPrxePQ1o24P8o2xBA+mvYg + QqVyVO90XGZCaW/zFdTWe6kNzKI2OJHq/t5OP4epHb0DAAD//xotjgZTwhstjujh4tHiCFdxhF5q + wNt48CYR0OnpkCxYDVosD2UbAC3ML0mELvVHNwVXK88AVzFmYIS9PMTZ+MPVejXBtezSAFfrFVRc + YJUwxikBbzem5pVlFuXnQdqGEKGUUug+EwiXqNDLz4WYUA1jQmsHMkprpC0y+jBzdZRyEyuCIKNM + KHaD1x8WlTiWQNxRBuzckLtiEmNxNMQwuKFAuzISi8PywWs3YeuXQcuzc/JBPQUkh6C61gjFuVAN + 4OCpra0FAAAA//8DAOG+Je3WNAAA + headers: + Atl-Request-Id: + - afa796d5-550a-41f4-bea7-3ff7deb8eb60 + Atl-Traceid: + - afa796d5550a41f4bea73ff7deb8eb60 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:51 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=263,atl-edge-internal;dur=15,atl-edge-upstream;dur=251,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 9370ba7908b6e2fe64781d82ceba632b + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0teXbskbbc2bzLBKTqFdi+KSJrcYjRNSpMOxth/N8Ghe1TfLvd8 + 557DPaCWO9iOGjH05v3g2HwuoQPhpX23KfeaO6e4SQ14NENSuUHz/T/4GsadEiDBfaxBDyswHsa/ + HllZ0+kJjIDfOXcwOmVNgAnGJMUpTurN5WO9fmh+1M3Ut2FC7DlCMzzDLyETBm33fWjZ7IeYttJ2 + ksHUTkrLLwtiwUCXy9PyivsIUkzzhNCEVA2hLCOMZCnG+AIHOPhd+AOMjerP2Qw3pGQkZwVJl1X1 + zYr+xnQ2gDgvcJ7RBc/atizKihQVkQXNhKAlyAXh0HGeL9qzAK9jwq0aeXxh0Cft76zgcX1A+jQh + MK/bGh3Piz1ZE5Xr+wYdPwEAAP//AwBv7vEDIAIAAA== + headers: + Atl-Request-Id: + - b90295c3-ea3e-4c26-8ac3-4dfdf70ff9d3 + Atl-Traceid: + - b90295c3ea3e4c268ac34dfdf70ff9d3 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:51 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=158,atl-edge-internal;dur=12,atl-edge-upstream;dur=146,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 86633b8006fb86ae66349ba4d25a438c + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/pCF+SyDxTKfDQO6OllIaAnzgmIywN7YOW3IlOS89+O9d+S0Q + EqbQ6Q0z2Ja0L9p99tnNdwuWOeWRFVgSeAQSok8M0kh1OM1AdVSYQEY7IgdJNRNcdSBiOgNNO2FC + eQypiDtzkAr3IBpDLkEB1/XZsFBaZDOjcOo6jut0JfxVgNKTVQ4XkoaahWB1LGbsu/3h8BA/FKQz + /Ey0zlVg2xHMINSR+Ca6VKdUKUZ5l4O20ZK2ac5sz2ZKFWA3Ch5ghfLnk9HlZN/tD/q4VLqgrOC7 + pdC3QoVUQyzkqrpDhF8o4Tleb9/19n1n4g4Ctxf03O7hgfcT+u0YJ40RjY6Xaj7opJG3UZ/jtdeu + PyJQoWS5CRyuHhGV0TTtkIgpzXioSc4gBCJmZCHkQ9dIh4JfyfSdXhScmXTRdErnVFNpzxks7NKt + tYP1luv47uAXxf6GnzNMe5GhVQMLNDmh6sHkqrjX5i2Y0VRBx6oET/FepWzHShgCR4bJ6gzmgL46 + Tx1LM0RWjiixAl7gHa0NmPhOs5FL8Q1v9MGA19JluMsENuE2H89Asr7VFWdaowJltbYNUn8rzyox + 0wsqDV4Vy/KUocPRxs0xHyXKeoNlb/BOd9/ITHOTNi89xwDd6y293v9rpcp+iUU06B4s3YMfYXDZ + WPS9pe/9CIs1wJ+eXsPR3YVTr9mYseV1xYGY/du71yf95iSNYwkx8s2rIsALiLSoyv9DcF8r2I74 + lwRzgyxCEqrIPQAnoUBAg4aICE50whQpycDQTF0aJ8jv1pbg9HcF52DXxuGODW/nxmDXxvB18N7i + cn/YcLnh0LKhWcG+W1O7CaVkYZOBzTVT13h/lYgijU6YylO6qqsflxdUY6esOsz7U1f1r3XHsit1 + 0vBQ+XosCoOU0tUbs8B4bAVaFsY2KtXXCHHDRnWcJGAYTPJfxcH3ur1h29M2A9oy7+bGrhrw2hrI + JROS6dUHQ9CI22Vj/PetjWU0BmUbCdUoYbiQsDjpqnm8RvAXXGlqwtsCZc9vimW6F+xN3fL/0DvE + z8c9c8Dxnm2Y6KX0Hgzfb6l4Q5NbA+buQrk7MJHDihzlLDxj/OGT2TmB3IxlPGywViJwUe61K1zw + EU5l9D6FMVBV4VfWb9bF2dXn0/Pp2enx6PxyNB2Nx3+M0XmkH4WhwwOTBMgFNjauibGLpY8skK4I + kiRLjVKiBfmVSUouJGTIkqRQiM3uNrJ0sSQt55E5Th75gVU1e8wypsnU5RYSxITFjNN081A9VNbh + LSskRe/qb4OAmEN7ushN4W9F/Msprpr/PgjSSrid314y6vtwu8GsG8NgZei4nlL/k7fNqGv7tRG/ + GX6iynAoUiHPK18wL8A3XCuzjP0B37nejvZ+yxtvZXRTqOWUl3H8yp//HZFYiiI3g+8nxiPkPbVu + W3mhEuxZBp6n4yPzvAfC+NxYNviKCP60IdidIQqMssTrks9G3Ve+Vz73AnLbqmU8IBxjpRnVQgZO + t9/1H03AMd6pCGmaCKWDgTNw7FklMy19s/3+4A6lye0lhIUhMfJFLPa12CGMQ0hU4BDi3RGb3LpK + kz8LKjVIMuIxlmSGcd4hCu0B2y2lzy9+J0cFFj+5DCnfIWVGWnvo3FURfXwklziMl37i+/H1qHzc + VA+R/QMAAP//7FltT9swEP4r1iRQWzVpmqQpLUKMqUJjGmiCbV/QpLqxm0akSZWXsg/8+D3nvPQF + SrsiEJNWqpLEPvt89/g53yV3NN0UZxq6/O6n4AESVaDCFQZiRKnsgd1iDM3E3tdw6jfbSgsCaTgX + eoj8RfeieWueBSFgm4JTWqv9f9EQlmFUcu691Kd+Gks9ir0WNjYnvPs4nBMhtNBVn6TTgOQW/sKN + 8hgNZuJzLb0s4LDpb8pJ1ToGMvR5QFC6kfEcqSfTWO2qGqHJDoP0+ATDOLpR32DLwvMt07Jo/ouQ + kti5bJKxVEbQZNd+csfOXFfOCIFPGcrBwjtWb2dDFf2VoezdDWVvNdSrG8nc2UjYkiUs+w1lMHrG + GoNMsgH2Mh5+Accxs9dk4PgOW+WJ8m/S1iuiUPeW/mZ4wBIGipfZAMTMKFxB661yrIaf+lPrf3b1 + rIE9i+e3+KfttX0wJQCmhnjZBl51QeMmymIY89wPJAhW5gY/9NJjrvytLhd4XBIcLAJBA4RdqREh + QhTUqvtRi4u5nyDKSArFXcSIMRkdMCrPDOTS4WKGIcPphpH+Mi7PM3EBh0I7goOo4JAUcOBpyt27 + pMnuJ747YUgFPA80nYEi2YxjrtBjnCGNcyGIE5Mb8zHpMcyBrX3loZeBsIdsIrmA5JwHyKry1bKf + C4UuERECuRx+VtvL7LK/DEl0+abyBFG2o9krm9urI6DnBOJ4CJCr/d/f7hiKCn36IXzhlpaVYJRZ + Ngp8t3Dapa+CbeGzH+ogRhYunJErw8A7ARriYvGQu5jOQAskcxUxX90whMa5L6RYgdM19hROp5j6 + b0BRiM4iiqyE8RoXUz+ss1r9YQoMp1G/wu2TpPHqhGHuSRgmEYb5QsLYK4w8Iox9A9myf9+aMJz/ + hPEGhGH/W4ThVKJbCONx0aRTFffWc+FN1ZS2vZwupTEgo+o5VF9a77qpvmZsarCroti6RFWSKK2w + qeOmEoWxqRBnVHOqDTChBKXI05dT/fWEMMmmU07p7YdnczAyORW0onjPRJjKFadALBXRLsRJtw1C + NA6sM+kcOSPH5poxNruaPeYdrdfrGppwxkJ2xyNbWpSMV5KYNpft7ygpCTdnQtCuIZ15HAXi45LK + yKtpgmffHShvSd2L824kU9avrbElzJEU3OkecWnxnhhzu3fkjrjTc+12+1ScqFGw1gPzHN9cTpvy + sEgjNS1/lOhZot3DZJqpU36q5zuWbKrNOE/IpJBXMYEHCS4/f9JsfRZSgW39PcT713j9Rcb713j9 + RcjrafwHAAD//6KOi4FFWQpkkBw6tOQBTvwKTjmJedmpecUZmQXgrAXqF0JGsiGlYRRoyMlKybW0 + KL8gVT8KWE4lg0ZtoXkQNBsHlIXndJA10DlI7CNTJrjKYBNcI9om8BHtImhdMJxLHQAAAAD//xot + dejo4tFSh9Yupl+pg15q4GoEmsDbevCmENBP6ZC8WQ1aZQBlGwBdkl+SCF0jgW4KrtaeAa5izMAI + e3mIa17KAKcHcLYG4T5D14GrmWiMUwLefkzNK8ssys+DNCAhQiml0AU6EC4xoVeWX0K9uViIYXBD + gTZlJBaH5YNnm2DTv8B8AHFyNYwJrY7IdgB4MZM+zFwdpdzEiqDU4tIckMFIngVPFRWVOJZAPA6a + 187JB3UlkMRRNRuh6IZqALu2trYWAAAA//8DAE4+G1IPJgAA + headers: + Atl-Request-Id: + - b836cecf-34f7-450c-80e7-ce1253b69e07 + Atl-Traceid: + - b836cecf34f7450c80e7ce1253b69e07 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:52 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=276,atl-edge-internal;dur=14,atl-edge-upstream;dur=262,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - d49ffac1d9854ea198ea904f36c9b299 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQX0vDMBTFv0teXbsk/bMubzLBKTqFdi+KSJrcYjRNSpMOxth3N8Ghe1TfLvf8 + zj2He0Atd7AdNWLozfvBsflcQgfCS/tuU+41d05xkxrwaIakcoPm+3/wNYw7JUCC+1iDHlZgPIx/ + PbKyptMTGAG/c+5gdMqaABOMSYpTnNSby8d6/dD8qJupb8OE2HOEZniGX0ImDNru+9Cy2Q8xbaXt + JIOpnZSWXxbEgoEuFqflFfcRpJjmCaEJWTaEsowwkqUY4wsc4OB34Q8wNqo/ZzPckIqRnBU0rary + mxX9jelsAHFe4DyjJc/atiqqJSmWRBY0E4JWIEvCoeM8L9uzAK9jwq0aeXxh0Cft76zgcX1A+jQh + MK/bGh3Piz1ZE5Xr+wYdPwEAAP//AwCH7Ko5IAIAAA== + headers: + Atl-Request-Id: + - 859638ec-ebe7-429a-b93c-96412e0f731b + Atl-Traceid: + - 859638ecebe7429ab93c96412e0f731b + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:52 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=159,atl-edge-internal;dur=17,atl-edge-upstream;dur=143,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - a8214d3d9be735c9964d7305b09f5bce + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/pCF+SyDxTKfDQLijpZSGAB84JiPsja3DkXySHJIe/Peu/BYI + MS10esMMtizti3affXbz3YJlRnlkBZYEHoGE6JhBGqkOp3NQHRUmMKcdkYGkmgmuOhAxPQdNO2FC + eQypiDsLkAr3IBpDJkEB19XZMFdazGdG4dR1HNfpSviWg9KTVQbnkoaahWB1LGbsu/3hcB8XCtIZ + LhOtMxXYdgQzCHUkvoou1SlVilHe5aBttKRtmjHbs5lSOdi1gntYofzZZHQx2XX7gz5+KlxQVvDd + UuhbrkKqIRZyVd4hwhVKeI7X23W9Xd+ZuIPA7QU9t7u/5/2EfjvGSWNEo+OFmg86aeRt1Od4zbWr + RQQqlCwzgcOvB0TNaZp2SMSUZjzUJGMQAhEz8iDkfddIh4JfyvSdXuScmXTRdEoXVFNpLxg82IVb + awerLdfx3cEviv0FP88x7fkcrRpYoMkJVfcmV/mdNm/BjKYKOlYpeIL3KmQ7VsIQODJMVqewAPTV + eepYmiGyMkSJFfAc72htwMR32jbceiOT4ite9YOZqKSLPBSZrfNgFs/Qs77uJWdaowJlNbYNhH8r + ziox0w9UGiArNs9Shg5HGyHBRBXw6w2WvcE73X0jZfVNmoT1HFMBXm/p9f5fKyUsCpCiQXdv6e79 + CIPL2qLvLX3vR1iskP/09BqOXhtO/XpjxpZXJTli9m9uEQ1xLCFGvvnHIujXG3gBkeYlL3wI7msF + 2xH/knmukV5IQhW5A+AkFAho0BARwYlOmCIFSxj+qUrjCInf2hKcvbaL7bdseK0bg7aN4esYvcXl + /rDmcsOhRUOzgl0Xl1Rjnyv7w/vjW3afdb+xS3XSkEXxeihyk2fX9JBr84Hx2Aq0zAHjhkr1FeLQ + UEZ5mUKf0S9ZWKd985vxFYVVIvI0OmIqS+mqohyTCwkYBpPjV3HwvW5v2PS0zYC2Ma/XMO/mRlMD + mWRCMr36YBBrcbtojP++tbE5jUHZRkLVShh+SFicdNUiXgP1M36poe9tQazn1zUx3Ql2pm7xf+jt + 4/JxxxxwvGcbJnopvQND66awN0edNvi7bSh3ByZyWHijjIWnjN8fm50jyMxYxsM6u0XOH4q95gsX + fIRTGb1LYQxUlYiR1Zt1fnr56eRsenpyODq7GE1H4/EfY3Qe6Udh6PDAJAFyjv2La2LsYoVjsacr + glzIUqOUaEF+ZZKScwlzJEOSK0R3dxsnuliSlvPIHCeL/MAqmz1mGdNk6rK8+QsSxITFjNN081A1 + VFbhLfCfonc1jyICYg7N6Twzhb8V8S+nuHL++yBIS+FmfntJnO/D7QaBbgyDpaHDakr9T97Wo67t + V0b8esaJSsOhSIU8K33BvADfcK3IMrYBfOd6O9r7bbzRb3jjrVS/jOMX/vzvgMRS5JkZfI8Zj5A5 + 1bo7ZblKsDUZeJ6MD8zzDgjjC2PA4Csi+NOGYBOGKDDKEq9LPhl1X/hO8dwJyE2jlvGAcIyVZlQL + GTjdftd/NAHHeKcipGkilA4GzsCxZ6XMtPDN9vuDW5QmNxcQ5obEyGfxsKtFizDOGlGOs4Z3S2xy + 4ypN/syp1CDJiMdYknOMc4soNAdst5A+O/+dHORY/OQipLxFykyu9tC5LSP6+EgucBgv/MT3w6tR + 8bguH2L+NwAAAP//7FltT9swEP4r1iRQWzVpmqQpLUKMqUJjGmiCbV/QpLqxm0akSZWXsg/8+D3n + vPQFSrsiEJNWqpLEPvt89/g53yV3NN0URxe6/O6n4AESVaDCFQZiRKnsgd1iDM3E3tdw6jfbSgsC + aTgXeoj8RfeieWueBSFgm4JTWqv9f9EQlmFUcu691Kd+Gks9ir0WNjYnvPs4gxMhtNBVn6TTgOQW + /sKN8hgNZuJzLb0s4LDpb8pJ1ToGMvR5QFC6kfEcqSfTWO2qGqHJDoP0+ATDOLpR32DLwvMt07Jo + /ouQkti5bJKx1MG/ya795I6dua6cEQKfMpSDhXes3s6GKvorQ9m7G8reaqhXN5K5s5GwJUtY9hvK + YPSMNQaZZAPsZTz8Ao5jZq/JwPEdtsoT5d+krVdEoe4t/c3wgCUMFC+zAYiZUbiC1lvlWA0/9afW + /+zqWQN7Fs9v8U/ba/tgSgBMDfGyDbzqgsZNlMUw5rkfSBCszA1+6KXHXPlbXS7wuCQ4WASCBgi7 + UiNChCioVfejFhdzP0EwkRSKu4gRYzI6YFSeGcilw8UMQ4bTDSP9ZVyeZ+ICDoV2BAdRwSEp4MDT + lLt3SZPdT3x3wnD49jzQdAaKZDOOuUKPcYY0zoUgTkxuzMekxzAHtvaVh14Gwh6yieQCknMeIHnK + V8t+LhS6REQI5HL4WW0vk8j+MiTR5ZvKNETZjmavbG6vjoCeE4jjIUCu9n9/u2MoKvTph/CFW1pW + glFm2Sjw3cJpl74KtoXPfqiDGFm4cEauDAPvBGiIi8VD7mI6Ay2QzFXEfHXDEBrnvpBiBU7X2FM4 + nWLqvwFFITqLKLISxmtcTP2wzmr1hykwnEb9CrdPksarE4a5J2GYRBjmCwljrzDyiDD2DWTL/n1r + wnD+E8YbEIb9bxGGU4luIYzHRZNOVe1bz4U3ZUVtezkrSmNARlWEqKKz3rUqA6412FXta63B2CRh + bCpJGFVJojTPpo6bCnFGpcxKar+e56ndMaHsJc8ik2w65ZTefng2ByOTU0ErivdMhKlccQrEUhnu + Qpx02yBE48A6k86RM3Jsrhljs6vZY97Rer2uoQlnLGR3PLKlRcl4JYlpc9n+jpKScHMmBO0a0pnH + USA+LqmMvJomePYVgXKK1L0470YyZZnaGlvCHEnBne4RlxbviTG3e0fuiDs91263T8WJGgVrPTDP + 8c3ltCkPizRS0/JHiZ4l2j1Mppk65ad6vmPJptqM84RMCnkVE3iQ4PLzJ83WZyEV2NZfN7x/jdff + V7x/jdffd7yexn8AAAD//6KOi4FFWQpkWBo6tOQBTvwKTjmJedmpecUZmQXgrAXqF0LGwiGlYRRo + yMlKybW0KL8gVT8KWBwlg0ZtoXkQNOkGlIXndJA10DlI7CNTJrjKYBNcI9omuGZ1TODlfBG0khgG + xREAAAD//xotjgaDi0eLI1q7mH7FEXqpAW/rwZtGQKenQ7JgNWgxAZRtALQwvyQRukYC3RScjTqc + xRjO1p4R9oIS17yUAa7mLahUwCphAPcymoQxLh3G8PZjal5ZZlF+HqSNCBFKKYUu0IFwiQq9/FyI + CdUwJrR2IKO0RlpbpA8zV0cpN7EiKLW4NAdkMJLd4JmbohLHEog7yvJLqDerDDEMbijQrozE4rB8 + 8KwXbOIXNK+dkw/qSiA5BNW1RijOhWoAB09tbS0AAAD//wMA0WGa4A8mAAA= + headers: + Atl-Request-Id: + - 509645bc-9119-41d6-9b33-7cda72f7d2a9 + Atl-Traceid: + - 509645bc911941d69b337cda72f7d2a9 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:53 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=265,atl-edge-internal;dur=14,atl-edge-upstream;dur=251,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 6af4618e20b19382e45f65b7434a6957 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 7800cada-8b84-41a6-acfb-7f0a37e24eaa + Atl-Traceid: + - 7800cada8b8441a6acfb7f0a37e24eaa + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:53 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=308,atl-edge-internal;dur=14,atl-edge-upstream;dur=295,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - c8d6e631bbceda794429b54813eee14d + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\nA + group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/358] + in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321] + | [300|https://cwe.mitre.org/data/definitions/300.html] | negotiator | 0.5.3 + | [2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/233] + | Active, Verified |\n| High | [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539] + | [400|https://cwe.mitre.org/data/definitions/400.html] | negotiator | 0.5.3 + | [Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232] + | Active, Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= + 0.6.0)|http://localhost:8080/finding/233]\n*Defect Dojo link:* http://localhost:8080/finding/233 + (233)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232]\n*Defect + Dojo link:* http://localhost:8080/finding/232 (232)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '3345' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: '' + headers: + Atl-Request-Id: + - d46b99a3-bbf8-4438-b860-211da1a1cae9 + Atl-Traceid: + - d46b99a3bbf84438b860211da1a1cae9 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:54 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=471,atl-edge-internal;dur=15,atl-edge-upstream;dur=458,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - e016388aa5fe6ad3d4565996fa563690 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/pCF+SyDxTKfDQO6OllIaAnzgmIywN7YOW3IlOS89+O9d+S0Q + EqbQ6Q0z2Ja0L9p99tnNdwuWOeWRFVgSeAQSok8M0kh1OM1AdVSYQEY7IgdJNRNcdSBiOgNNO2FC + eQypiDtzkAr3IBpDLkEB1/XZsFBaZDOjcOo6jut0JfxVgNKTVQ4XkoaahWB1LGbsu/3h8BA/FKQz + /Ey0zlVg2xHMINSR+Ca6VKdUKUZ5l4O20ZK2ac5sz2ZKFWA3Ch5ghfLnk9HlZN/tD/q4VLqgrOC7 + pdC3QoVUQyzkqrpDhF8o4Tleb9/19n1n4g4Ctxf03O7hgfcT+u0YJ40RjY6Xaj7opJG3UZ/jtdeu + PyJQoWS5CRyuHhGV0TTtkIgpzXioSc4gBCJmZCHkQ9dIh4JfyfSdXhScmXTRdErnVFNpzxks7NKt + tYP1luv47uAXxf6GnzNMe5GhVQMLNDmh6sHkqrjX5i2Y0VRBx6oET/FepWzHShgCR4bJ6gzmgL46 + Tx1LM0RWjiixAl7gHa0NmPhOs5FL8Q1v9MGA19JluMsENuE2H89Asr7VFWdaowJltbYNUn8rzyox + 0wsqDV4Vy/KUocPRxs0xHyXKeoNlb/BOd9/ITHOTNi89xwDd6y293v9rpcp+iUU06B4s3YMfYXDZ + WPS9pe/9CIs1wJ+eXsPR3YVTr9mYseV1xYGY/du71yf95iSNYwkx8s2rIsALiLSoyv9DcF8r2I74 + lwRzgyxCEqrIPQAnoUBAg4aICE50whQpycDQTF0aJ8jv1pbg9HcF52DXxuGODW/nxmDXxvB18N7i + cn/YcLnh0LKhWcG+W1O7CaVkYZOBzTVT13h/lYgijU6YylO6qqsflxdUY6esOsz7U1f1r3XHsit1 + 0vBQ+XosCoOU0tUbs8B4bAVaFsY2KtXXCHHDRnWcJGAYTPJfxcH3ur1h29M2A9oy7+bGrhrw2hrI + JROS6dUHQ9CI22Vj/PetjWU0BmUbCdUoYbiQsDjpqnm8RvAXXGlqwtsCZc9vimW6F+xN3fL/0DvE + z8c9c8Dxnm2Y6KX0Hgzfb6l4Q5NbA+buQrk7MJHDihzlLDxj/OGT2TmB3IxlPGywViJwUe61K1zw + EU5l9D6FMVBV4VfWb9bF2dXn0/Pp2enx6PxyNB2Nx3+M0XmkH4WhwwOTBMgFNjauibGLpY8skK4I + kiRLjVKiBfmVSUouJGTIkqRQiM3uNrJ0sSQt55E5Th75gVU1e8wypsnU5RYSxITFjNN081A9VNbh + LSskRe/qb4OAmEN7ushN4W9FfN/vDgdug/hq/vsgSCvhdn57yajvw+0Gs24Mg5Wh43pK/U/eNqOu + 7ddG/Gb4iSrDoUiFPK98wbwA33CtzDL2B3znejva+y1vvJXRTaGWU17G8St//ndEYimK3Ay+nxiP + kPfUum3lhUqwZxl4no6PzPMeCONzY9ngKyL404Zgd4YoMMoSr0s+G3Vf+V753AvIbauW8YBwjJVm + VAsZON1+1380Acd4pyKkaSKUDgbOwLFnlcy09M32+4M7lCa3lxAWhsTIF7HY12KHMA4hUYFDiHdH + bHLrKk3+LKjUIMmIx1iSGcZ5hyi0B2y3lD6/+J0cFVj85DKkfIeUGWntoXNXRfTxkVziMF76ie/H + 16PycVM9RPYPAAAA///sWW1v2jAQ/ivWpFaASAhJCIWq6phQtU5rNbXbvlSTMLEJ0UKC8kL3oT9+ + zzkvvLSUjqpdJ40imsQ++3z33GPfJXc03RRnGrr86qfgARJVoMIVBmJEqeyO3WAMzUTsazj1m22l + BYE0XAg9RP6ie9GitciCELBNwSmt9f4/aAjLMCo591bqMz+NpR7FXguBzQnvPg7nRAgtdNWn6Swg + uaW/cKM8RoOZ+FxJLws4bPqLclK1jqEMfR4QlK5lvEDqyTRWu6xGaLLDID0+wTCObtS32LLwfMu0 + LJp/gLPBQjbJVCofYA/ZxcE6O1bvyXYp+iu72E+3i73TLi9uE3ObTRBwJej6DWUfesYaw0yyISIV + Dz+BwZjZazIweIets0D5N23rFQ2oe0t/NW9jCUPFumwI2mW0GUHrnXKshp/6Q+t/dPWsgYjE8xv8 + 0/YKDkwJPKkhnhee6y5oXEdZDGOe+YEEfcrc4IdeesxdV85TdbmE34rgcEnzDdBxpUYE/i+IU/ej + FhcLP8EeImmj7WIHmJDRAaPyREAuHS1nGDGcXRjpL+PytBIXcCi0IziICg5JAQeeptz9mTTZ7dR3 + pwwHfc8DCWcgQDbnmCv0GGdI0lwI4jzkxnxCeowGaqHaZx56Geh4xKaSC0gueICcKV8t+75U6AJ8 + H8jVzWW9vcwd+6uQRJcvKgsQZTuavbK5vT4Cek4hjocAuQr3/m7HEOf36YfwhVtaVoJR5tk48N3C + aRe+2koLn31TxyyycOGMXBkGmgnQEBeLh9z5bM7dlGQuI+arG4aNb+ELKdbgdIWYwtkTU/8JKArR + eUT7JmG8xsXMD+usVr+bAcNp1K9w+yBpvDhhmHsShkmEYT6TMPbaNe4Rxr771qp/X5swnP+E8QqE + Yf9bhOFUojsI435JpFOV7jYz3W21kra9raGqlVGWlMbAkirjUFlpo6uxraxmVyWvTYmq4FBaYVvH + bQUIY1uZzajmVAEwpfSjyMJXE/nNdC/JZjNOyeu7RzMsMjmVq6J4zzSXihGnQCyVyM7FSbcNQjQO + rIF0jpyxY3PNmJhdzZ7wjtbrdQ1NOBMhu5OxLS1KtStJTJvL9p8oKQk3AyEoakhnHkeBeL+iMrJm + muDRNwPKW1L34rwbyZTVaWtiCXMsBXe6R1xavCcm3O4duWPu9Fy73T4VJ2oUrPXAPMM3l9NmPCyS + RE3LHyV6lmi3MJlm6pR96nnEkk21OecJmRTyak/gQYLLjx80W5+HVD7bfMvw9jXefE3x9jXefM3x + NzX+DQAA//8ixsXAEisFMgQOHTjyACd+BaecxLzs1LzijMwCcNYCdQQh49SQQi8KNKBkpeRaWpRf + kKofBSynkkFjstA8CJprA8rCczrIGugMI/ZxJxNcZbAJrvFqE/h4dRG0LhjZpQ4AAAD//xqk6Wu0 + 1KGHi0dLHVylDnqpgasRaAJv68GbQkA/pUPyZjVoDQGUbQB0SX5JInQFBLopuFp7BriKMQMj7OUh + rlknA5wewNkaxNWKBZUjWCWMcUrA24+peWWZRfl5kAYkRCilFLr8BsIlJvTK8kuoN9MKMQxuKNCm + jMTisHzwXBJscheYDyBOroYxodUR2Q4AL1XSh5mro5SbWBGUWlyaAzIYybPgiaCiEscSiMdBs9Y5 + +aAeA5I4qmYjFN1QDWDX1tbWAgAAAP//AwDmCyHg7SUAAA== + headers: + Atl-Request-Id: + - bd66e6f8-d2a0-4745-a337-3af3fa125545 + Atl-Traceid: + - bd66e6f8d2a04745a3373af3fa125545 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:54 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=258,atl-edge-internal;dur=14,atl-edge-upstream;dur=245,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 9597c0970c71067def43aaf9ad919e94 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"transition": {"id": 11}, "fields": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '40' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1585/transitions + response: + body: + string: '' + headers: + Atl-Request-Id: + - 9f27b226-49e9-445f-99c6-5e3487e6804a + Atl-Traceid: + - 9f27b22649e9445f99c65e3487e6804a + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - text/html;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:55 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=498,atl-edge-internal;dur=16,atl-edge-upstream;dur=482,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - f84385ede737e08075dbf1a5b0df65b7 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0teXbskbbY2bzLBKTqFdi+KSJrcYjVNSpMOxth/N8Ghe1TfLvd8 + 557DPaBGONiOGnH05v3g+HyuoAXplX23qfBaONcJkxrwaIZU5wYt9v/gKxh3nQQF7mMNeliB8TD+ + 9cjKmlZPYCT8zrmD0XXWBJhgTFKc4qTaXD5W64f6R91MfRMmxJ8jNMMz/BIyYdB234eW9X6IaStt + JxVMzdRp9WVBPBjocnlaXgkfQYppnhCakLImlGeEkyzFGF/gAAe/C3+Ase76czbDNSk4yTljKSvz + b1b2N6a1AcQ5w3lGFyJrmoIVJWElUYxmUtIC1IIIaIXIF81ZgNcx4bYbRXxh0Cft76wUcX1A+jQh + MK/bCh3Piz1ZE5Xr+xodPwEAAP//AwADSunvIAIAAA== + headers: + Atl-Request-Id: + - 8b345ef0-42e6-47f0-9d5c-68eb00ace4a6 + Atl-Traceid: + - 8b345ef042e647f09d5c68eb00ace4a6 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:55 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=163,atl-edge-internal;dur=14,atl-edge-upstream;dur=150,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 7d83d163030dc6473420a33a0499404e + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+phIvSYnMmU7HtZXEreu6suI8OB4PTK5IxCTAAqCOxv7v3SVF + Kj6U1u409gNx7YHdbz+svjiwKrlMnMjRIBPQkLwVkCemJ3kBpmfiDAreUyVoboWSpgeJsAVY3osz + LlPIVdpbgDa4B8kUSg0GpN2cjStjVTEnhVeB7we+q+HPCoydrUs41Ty2Igan5wiyH4z29t7gxEA+ + x2lmbWkiz0tgDrFN1GflcptzYwSXrgTroSXr8VJ4oSeMqcBrFdzAGuVPZpOzWT8YjUe4VLtgnOiL + Y9C3ysTcQqr0urlDgjOUCP1w2A/C/sCfBeMoGEajoTse7f2AfvvkJBmx6Hit5oVOkryH+vywu/Zm + koCJtSgpcLi6z0zB87zHEmGskLFlpYAYmJqzpdI3LknHSn7Q+TO9qKSgdPH8ii+45dpbCFh6tVtb + BzdbgT8Ixj8Z8Rf8WGDaqwKtEizQ5IybG8pVdW1pFM15bqDnNIJHeK9atudkAoGj42x9DAtAX/27 + nmMFIqtElDiRrPCOzgOYDPx2o9TqM97ohQHfSNfhrhPYhpsmX4Fke6sPUliLCozT2Sak/lqfNWpu + l1wTXo0oylygw8mDm2M+apQNx6vh+JnufiMz7U26vAx9Ano4XIXD/9dKk/0ai2gweL0KXn8Pg6vW + 4iBcDcLvYXED8Lu7x3AMduE03LUxaDfmYnXekCPC4uISYZKmGlLkm38sglG7gTdTedXwwtNHX+/a + eLNjI9y5Md61sffYnYY2m1UipfqFcKJ+gFNu8eFoCPf5hdvQ+ZbAvUadprKshweqosAFRMofaUHI + 1ImsruBuw9OkTYu4idqXR2vkGR41mary5FCYMufrTSnjMrplzxEzVN6baGjAyxJ/PHokBqE73Avb + R+Jh2Doqe7ixC1RhB6pSC6WFXb8wiK24V780//6tEAVPwXgkYVolAhcykWauWaRbtnyPKy2ths7j + wgm7Msj5NRAxUgU87Al2gTfYhdFgTBHJuJmUIj4W8uYt7RxCSf2LjNs81tld1nvdilRygu0Lv85h + Ctw02NCbkXN6/OHd0cnV8dHB5ORscjWZTn+f4v2wTg2GBA/MMmCn+AJIy8guE4Ypma8ZsonISSmz + iv0iNGenGgqkE1YZRK37FKsEWFCOfyt8v0wGkdO8ipg9DP+2qu6xBSYiFZLnDw9tuq9NeGuk5+hd + SziY2VRCd7oqqWyfRHLd7oxbJDeN0gvB1wh3L+/93uZ5eNzi7Wce32C72UKuVd7YOth0dP/J4bYt + bGoGjYRtoyBhSdWtcqVPGm+u8wr6qUbe2DZFih2qJtmqKLEhlvZp0I920cKoo4VvZfx+OD/Jr//3 + WapVVVKj+FbIBInRMKwVdg0gWVmZDJIapUfTffpeAxNyQQYIZgnDnwIMHy1IIlKWhS57R+o+yVf1 + 91XELjq1QkZMYrys4FbpyHdH7uCWgo4xz1XM80wZG439se/NG5mr2jdvMBpfojS7OIO4Io5i79Wy + b9UOYXy0kwof7fCSeewiMJb9UXFtQbOJTLEyC4zzDlHoDnhBLX1y+hvbr5AD2FnM5Q4pagG9Pf+y + iejtLTvD5rX2E8cH55P687H5tImmyeapp+FMWKQDEq2BhSNUxIgx2S27QB39ECmgj11yGNReEFDl + InEl9vtuqhbeosolQtcitXj3z1+SioHvd3LxEtxCWA2u0qmH9c0J8wKbWeIFD4+6mS1yktvmCyd1 + xkhZiH9TSKucY0z/BgAA///sWW1v2jAQ/ivWpFaASApJCIWq6qhY1U5rNa3aPnRfMLED2UISJYTu + w378nnNMeCmUjqpVJ02tgNg++3y+e87P5RdxOLWPvowCHpIr3cp0BqrGDFa5KWeos8NwenKKaVyz + Ud1iS33yR5Zt0/o9pN+ZrJOp1P2ZbbKLi3227M6T7aLHK7s4T7eLs9MuL24Ta5tNEHBzp+vWlH2o + jdX6uWR9RCoaPwLFmNWpMwB5i62iwPxv3DRLGFDPtvlqp40t9BXyAhR/xIxyErTeKccq+Khu2v+j + u2c1RCTav+PL2Cs4sCT8SU3xvPBcPYLabZynMOZFEErApywMfjiannDPk8lU/Vy435JgfwHzNcBx + qUYM/NfAaQbxERezIEOqkJRv28gAPhkdbjS/GNCRDhYrDBiuMIz0BzXXl5ZUu4PWjtxBlO6QaXfg + 0ykycFZn9+PAGzPcpUcjgHAOAGQJx1rRiHEGUuNBENciL+U+6THoqY0an3g0ygHHAzaWXEByxpFD + zWK37NtCoWvgfSiXk8tq/5xSdZddEkM+K5og5v3oHs27m6szYOQY4miEk6tw7+4+GML8Ln2Qf+GR + tpVhliQfhoGnD+06UKlUn9lXddsiC+vDKJRhgJkQHanePOSuJgn3piRzE7NAPTAkvlkgpFhxpy+I + KVxBsfTfOIUWTWLKm+TjFS4mQVRllervCXx4GndLv90IGi8OGNaegGERYFjPBIy9ssYDwNg3by2f + 72sDhvsfMF4BMJx/CzDcUnQHYDyseLRK0r9OeLdxnqazzHmmKVxGlXOoQLM+tCyKrXU4ZXlqraOx + TaKxre7QKOsOc/NsG7itVtYolVnh7+ssTkXHmLhJwRGzfDLhRGDfPcqwyORUjYrTPaku1STO4LFU + Q7sSp+0mALFxYPeke+wOXYcbDd9qG47PW0an024YwvWFbPtDR9pEi0tJLFvIdp8oKclvekJQ1JDO + PI1D8X5JZbBmWuDRSro6FGmCeKthJDOv5tq+LayhFNxtH3Np847wudM59obc7XhOs3kmTtUs2OuB + dYH/Qs6Y8EiTRMMomjIzz4x7mMywTGKfZhGxZFMj4Twjk0Je5QQeZvh5eW44ZhJRcWK9Kv/2NV4v + 6799jddfC7x1jQFloqgy6+rRpXJ+dh7y6KeMsnGQqNAiIlgUsgs0vIsjGv0hT+NEHt0BjjwqueoY + pHdT6C0jnZbRb+Q2152cbRjsLJWj/wAAAP//QpXANcdhAi/ni6CVxGhxNAgTHqHiCAAAAP//Gowu + Hi2OaO1i+hVH6KUGvK0HbxoBnZ4OyYLVoDl3KNsAaGF+SSJ0xQC6KTgbdTiLMZytPSPsBSWuyScD + XM1bUKmAVcIA7mU0CWNcOozh7cfUvLLMovw8SBsRIpRSCl2uAuESFXr5uRATqmFMaO1ARmmNtNJG + H2aujlJuYkVQanFpDshgJLvBczNFJY4lEHeU5ZdQb0oYYhjcUKBdGYnFYfngqS3YPC5oUho0YQSy + Eu4QVNcaoTgXqgEcPLW1tQAAAAD//wMAVHvxwh0lAAA= + headers: + Atl-Request-Id: + - aea023ac-06d7-49b4-890b-653cdbeb32b9 + Atl-Traceid: + - aea023ac06d749b4890b653cdbeb32b9 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:55 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=255,atl-edge-internal;dur=12,atl-edge-upstream;dur=242,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - db1eece1cc2b9f411bcf055e75cf83f4 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 93b3d9cd-2d71-4f2e-8b20-58184433dd50 + Atl-Traceid: + - 93b3d9cd2d714f2e8b2058184433dd50 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:56 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=386,atl-edge-internal;dur=12,atl-edge-upstream;dur=375,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 55d2f7911669f23faf0f11a821b7d65e + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: negotiator:0.5.3", "description": "\n\n\n\n\n\n\nA + group of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. + Group\n*Group*: [Findings in: negotiator:0.5.3|http://localhost:8080/finding_group/358] + in [Security How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321] + | [300|https://cwe.mitre.org/data/definitions/300.html] | negotiator | 0.5.3 + | [2222Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/233] + | Active, Verified |\n| High | [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539] + | [400|https://cwe.mitre.org/data/definitions/400.html] | negotiator | 0.5.3 + | [Regular Expression Denial of Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232] + | Active, Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [2222Regular Expression Denial of Service - (Negotiator, <= + 0.6.0)|http://localhost:8080/finding/233]\n*Defect Dojo link:* http://localhost:8080/finding/233 + (233)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-300|https://cwe.mitre.org/data/definitions/300.html] + \n*CVE:* [CVE-2019-10321|https://nvd.nist.gov/vuln/detail/CVE-2019-10321]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/107\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-300\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/107\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Regular Expression Denial of + Service - (Negotiator, <= 0.6.0)|http://localhost:8080/finding/232]\n*Defect + Dojo link:* http://localhost:8080/finding/232 (232)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2016-10539|https://nvd.nist.gov/vuln/detail/CVE-2016-10539]\n\n\n\n\n\n\n*Source + File*: express>accepts>negotiator\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/106\nAffected + versions of `negotiator` are vulnerable to regular expression denial of service + attacks, which trigger upon parsing a specially crafted `Accept-Language` header + value.\n\n\n Vulnerable Module: negotiator\n Vulnerable Versions: <= 0.6.0\n + Patched Version: >= 0.6.1\n Vulnerable Paths: \n - 0.5.3:express>accepts>negotiator\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.6.1 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/106\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '3345' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 28c6e248-3f13-40af-b7ab-9f469694aa89 + Atl-Traceid: + - 28c6e2483f1340afb7ab9f469694aa89 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:56 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=323,atl-edge-internal;dur=13,atl-edge-upstream;dur=311,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 4e13f736d484b357a2ffdd263327e487 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xX23LbNhD9FQwfU4k3SYnMmU7HdZTEreu6spI8OB4PTK5IxCTAAKAutfPv3SVF + KrasTO1OYz8Qt71g9+zB6taBVcll4kSOBpmAhuSNgDwxPckLMD0TZ1DwnipBcyuUND1IhC3A8l6c + cZlCrtLeArTBPUimUGowIO3mbFwZq4o5KbwKfD/wXQ1fKjB2ti7hTPPYihicniPIfjA6OHiFEwP5 + HKeZtaWJPC+BOcQ2UZ+Vy23OjRFcuhKsh5asx0vhhZ4wpgKvVXADa5Q/nU3OZ/1gNB7hUu2CcaJb + x6BvlYm5hVTpdXOHBGcoEfrhsB+E/YE/C8ZRMIxGQ3c8OvgJ/fbJSTJi0fFazTOdJHkP9flhd+3N + JAETa1FS4HD1kJmC53mPJcJYIWPLSgExMDVnS6VvXJKOlXyv8yd6UUlB6eL5FV9wy7W3ELD0are2 + Dm62An8QjH8x4m/4ucC0VwVaJVigyRk3N5Sr6trSKJrz3EDPaQSP8V61bM/JBAJHx9n6BBaAvvpf + e44ViKwSUeJEssI7Og9gMvDbjVKrz3ijZwZ8I12Hu05gG26afAOS7a3eS2EtKjBOZ5uQ+nt91qi5 + XXJNeDWiKHOBDicPbo75qFE2HK+G4ye6+53MtDfp8jL0CejhcBUO/18rTfZrLKLB4OUqePkjDK5a + i4NwNQh/hMUNwL9+3YVjsA+nYbsxF6sPDQdi9i8ud08O2pM8TTWkyDc7RYAXUHnVlP/j5kb7Nl7u + 23i1ZyPcuzHet3Gw62dDm80qkVL9QjhRP8Apt/hwNIT79MJt6HxL4F6jTlNZ1sMjVVHgAiLlj7Qg + ZOpEVleA6UOl9gNmnIqzca7WR/q1iJsA3+6ska8obDJV5clrYcqcrzfFTZDQgJcl/th5JAahOzwI + 20fiYdg6Knu4sQ9UYQeqUgulhV0/M4ituFe/NP/+rRAFT8F4JGFaJQIXMpFmrlmkW7Z8hystrYbO + buGEHepzfg1EjI+UBvHJo4EI9mE0GFNEMm4mpYhPhLx5QzuvoaT+RcZt1upcLuu9bkUqOcH2hV/n + MAVuGiTozcg5O3n/9vj06uT4aHJ6PrmaTKd/TvF+WKcGQ4IHZhmwM3wBpGVklwnDlMzXDNlE5KSU + WcV+E5qzMw0F0gmrDKLWfYxVAiwox78Tvl8mg8hpXkXMHoZ/W1X32AITkQrJ84eHNt3XJrw1rnP0 + bjOnzKYSutNVSWX7KJLrdmfcIrlplJ4Jvka4e3nv9zZPw+MWb7/y+AbbzRZyrfLG1tGmo/tPDrdt + YVMzaCRsGwUJS6pulSt92nhznVfQTzWyxLYpUuy1apKtihIbYmkfB/1oHy2MOlr4Xsbvh/OT/Pb/ + kKVaVSU1im+ETJAYDcNaYdcAkpWVySCpUXo8PaTvNTAhF2SAYJYw/CnA8DWDJCJlWeiyt6Tuk3xR + f19E7KJTK2TEJMbLCm6Vjnx35A7uKOgY81zFPM+UsdHYH/vevJG5qn3zBqPxJUqzi3OIK+Io9k4t + +1btEcZHO6nw0Q4vmccuAmPZXxXXFjSbyBQrs8A47xGF7oAX1NKnZ3+wwwo5gJ3HXO6RohbQO/Av + m4je3bFzbF5rP3F89GFSfz42nzbRNNn0ADScCYt0QKI1sHCEihgxJrtjF6ijHyIF9LFLDoPaCwKq + XCSuxH7fTdXCW1S5ROhapBbv/vlLUjHw/U4uXoJbCKvBVTr1sL45YV5gM0u84OFRN7NFTnLbfOGk + zhgpC/FvCmmVc4zpPwAAAP//7Fltb9owEP4r1qRWgEgKSQiFquqoWNVOazWt2j50XzCxgWwhiRKg + +7Afv+ccJ7yUlI6qVSdNrYDYPvt8vnvO9+QX1XBqH30Z+jwgV7qVyQKlGjNY5aaYoc4Og9nJKaZx + zUa1xJb65I8s26b1e0i2C1knU6n7M9tmFxf7bNmdJ9tFj1d2cZ5uF2enXV7cJlaZTRBwudN1a8o+ + 1MZq/blkfUQqGj8CxZjVqTMAeYuto0D+N2maBQyoZ9t8tdPGFvoKeQGKPyJGOQla75RjFXxUt+3/ + 0d2zGiIS7d/xZewVHFgS/qSmeF54rh9B7TaaJzDmhR9IwKfMDH44np1wz5PxTP1cut+KYH8J8zXA + caFGBPzXwGn60REXCz9FqpCUb9vIACMyOtwovxjQkQ6WKwwYrjCM9Edpri8tiXYHrR25gyjcIdXu + wGczZOC0zu4nvjdhuDmPxwDhOQCQxRxrhWPGGYoaD4K4FnkJH5Eeg57aqPGJh+M54HjAJpILSC44 + cqiZ7ZZ9Wyp0DbwP5GpyWe/Pa63uqktiyGdVJoi8H93jvLu5PgNGTiCORji5Cvfu7oMhzO/SB/kX + HmlbKWaJ58PA9/ShXfsqleoz+6puW2RhfRiZMgwwE6Aj0ZuH3NU05t6MZG4i5qsHhsS38IUUa+70 + BTGFKyiW/hun0KJxRHmTfLzCxdQPq6xS/T2FD8+ibuG3W0HjxQHD2hMwLAIM65mAsVfWeAAY++at + 1fN9bcBw/wPGKwCG828BhluI7gCMh4xHqyj6Nwvespqn6ZR1FIQXFUOzBL6keB7iaTaGOgU9tdHR + KCPNGmW8Q6PgHXLzlA0s48oahTIqACZUfuhifLWe36zq0vl0yqmAffdohUUmJzYqSvYsdYmTOIPH + Eod2JU7bTQBi48DuSffYHboONxojq204I94yOp12wxDuSMj2aOhIm8riQhLLZrLdJ0pK8pueEBQ1 + pDNPokC8X1EZVTMt8CiTrg5Fmii81TCSydlce2QLaygFd9vHXNq8I0bc6Rx7Q+52PKfZPBOnahbs + 9cC6wH8mZ0x5qItEw8iaUnOeGvcwmWGZVH2aWcSSTY2Y85RMCnmVE3iQ4uflueGYcUjkxCYr//Y1 + 3qT1377Gm68F3rrGQCyRccqaPbpUzs/OAx7+lGE68WMVWlQIZkR2Bnp3UUijP8yTKJZHd4AjjyhX + HYP0bgq9RaTTMvqN3HbeySnDYGeFjv4DAAD//0KVgA9Ho0vAy/kiaCUxWhwNwoRHqDgCAAAA//8a + jC4eLY5o7WL6FUfopQa8rQdvCgGdng7JgtWgOXco2wBoYX5JInTFALopOBt1OIsxnK09I+wFJa7J + JwNczVtQqYBVwgBX89YYlw5jePsxNa8ssyg/D9KAhAillEKXq0C4RIVefi7EhGoYE1o7kFFaI620 + 0YeZq6OUm1gRlFpcmgMyGMlu8NxMUYljCcQdZfkl1JsShhgGNxRoV0ZicVg+eGoLNmsLmpQGTRiB + rIQ7BNW1RijOhWoAB09tbS0AAAD//wMAdXxLEh0lAAA= + headers: + Atl-Request-Id: + - ee0f82f7-41e4-41a4-ae99-b421e8f83bf4 + Atl-Traceid: + - ee0f82f741e441a4ae99b421e8f83bf4 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:57 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=257,atl-edge-internal;dur=13,atl-edge-upstream;dur=245,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - c206692c490f1fdc2c81b322e5bfcecf + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQX0vDMBTFv0te3bok/bM2bzLBKTqFdi+KSJrcYjRNSpMOxth3N8Ghe1TfLvf8 + zj2He0Atd7AdNWLozfvBscVCQgfCS/tuE+41d05xkxjwaIakcoPm+3/wNYw7JUCC+1iDHlZgPIx/ + PbKyptMTGAG/c+5gdMqaABOMSYITPK83l4/1+qH5UTdT34YJsecIzfAMv4RMGLTd96Flsx9i2krb + SQZTOyktvyyIBQNdLk/LK+4jSDHN5oTOSdUQylLCSJpgjC9wgIPfhT/A2Kj+nE1xQ0pGMpYvk6Ko + vlnR35jOBhBnOc5SWvC0bcu8rEheEZnTVAhagiwIh47zrGjPAryOCbdq5PGFQZ+0v7OCx/UB6dOE + wLxua3Q8L/ZkTVSu7xt0/AQAAP//AwBdjruEIAIAAA== + headers: + Atl-Request-Id: + - 3e8a0de9-90c7-40e9-8da7-04be8cc15354 + Atl-Traceid: + - 3e8a0de990c740e98da704be8cc15354 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:57 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=150,atl-edge-internal;dur=14,atl-edge-upstream;dur=126,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 9605e501face6f5b1f7c2da48691f1b0 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/TEP8loTgmU6HgXBHSykNAT5wTEaxN7YOR/JJckh68N+7smMH + QkwLnd4wg21J+6LdZ5/dfLdgmVEeWYElgUcgITphkEaqzekcVFuFCcxpW2QgqWaCqzZETM9B03aY + UB5DKuL2AqTCPYhGkElQwPX6bJgrLeYzo3DiOo7rdCR8y0Hp8SqDC0lDzUKw2hYz9t3ewcEAPxSk + M/xMtM5UYNsRzCDUkfgqOlSnVClGeYeDttGStmnGbM9mSuVgVwruYYXy5+Ph5XjP7Q36uFS4oKzg + u6XQt1yFVEMs5Kq8Q4RfKOE5XnfP9fZ8Z+wOArcbdPudbnfwE/rtGCeNEY2OF2o+6KSRt1Gf49XX + Xn9EoELJMhM4XD0kak7TtE0ipjTjoSYZgxCImJEHIe87RjoU/Eqm7/Qi58yki6YTuqCaSnvB4MEu + 3No4uN5yHd8d/KLYX/DzHNOez9GqgQWaHFN1b3KVT7V5C2Y0VdC2SsFTvFch27YShsCRYbI6gwWg + r85T29IMkZUhSqyA53hHawsmvtO04VYbmRRf8aofzMRaushDkdkqD+bjGXo2173iTGtUoKzatoHw + b8VZJWb6gUoDZMXmWcrQ4WgrJJioAn7dwbI7eKe7b6SsukmdsK6zj2543aXX/X+tlLAoQIoG3f7S + 7f8Ig8vKou8tfe9HWFwj/+npNRy9Jpz61caMLa9LcsTs394hGuJYQox8849F0Ks28AIizUte+BDc + Nwp2I/4l89wgvZCEKjIF4CQUCGjQEBHBiU6YIgVLGP5Zl8YxEr+1Izj9povtN2x4jRuDpo2D1zF6 + i8v9mssNhxYNzQr2XPykGvtc2R/eH9+y+2z6jV2qk4YsitcjkZs8u6aH3JgFxmMr0DIHjBsq1deI + Q0MZ5WUKfUa/ZGGV9u014ysKq0TkaXTMVJbS1ZpyTC4kYBhMjl/Fwe929gduFYftgDYxr1cz7/ZG + XQOZZEIyvfpgECtxu2iM/761sTmNQdlGQlVKGC4kLE46ahFvgPoZVyroezsQ6/lVTUxaQWvilv/d + fr8/aT22zAnHe7ZjwpfSKRheN5W9Pes04d9tgrk7MKHDyhtmLDxj/P7E7BxDZuYyHlbpLZL+UOzV + K1zwIY5ldJrCCKgqISPXb9bF2dWn0/PJ2enR8PxyOBmORn+M0HnkH4WxwwPjBMgFNjCuibGLJY7V + nq4IkiFLjVKiBfmVSUouJMyRDUmuEN6dXaToYk1aziNznCyaBlbZ7THNmCdTmOXNX7AgZixmnKbb + h9ZT5Tq8RQGk6F1FpAiBmEN9Os9M5e+EfDHG7VeQLwfAD6K0FK4HuJfM+T7gbjHo1jRYGjpaj6n/ + ydtq1rX9tRG/GnKi0nAoUiHPS18wL8C3XCuyjH0A37nejfZeE3H0auJ4K9Uv4/iFP/87JLEUeWYm + 3xPGI6ROtWlPWa4S7E0GnqejQ/OcAmF8YQwYfEUEf9sQ7MIQBUZZ4nXIJ6PuC28Vz1ZAbmu1jAck + i4Nex+04jybQGOdUhDRNhNLBwBk49qw8Oyl8sv3ewR1KkdtLCHPDXuSzeNjTokEYh4woxyHDuyM2 + uXWVJn/mVGqQZMhjLMU5xrdBFOoDtltIn1/8Tg5zLHpyGVLeIGVGVvvAuSsj+fhILnEKL/zE96Pr + YfG4KR9VgsnfAAAA///sWN9v2zYQ/lcOCBDInk3V8q/FgR+KOA8d1qJIur3UBazIjC1UlhRRcjK0 + /d/3HUVRUmx3a7unoU5gS3c88vTd8e6jcGM4C1++C3PsfzbVyYQrTERcS+kzvcccfQ97vj+YvPjV + 015wcsb7tYhxcBGbZO/uiyhGuuaoJW57/Aee4mJkzYJHKXZhnkmRZBsX+9nnNA/BvbkOuBcjsc13 + EVulG3zpOPEUHj43cpfkEo+xlnT9hHCwDfXJebvp0XmUX5InBgPhEZ1v8ss5DcULGGvFUKBAUKUY + 1YqRGItpJR/X8rHAXJV8Usv5clzL2TsjH4hJLfdqudccP6zlQzGs5aNaPqofYFqvy5cNuV2XL73O + idwwmex6wwkj+irm0/he9jj4+gTTo5tQfaSXQSBT3knHAj/9xsCb8f9V4H8G/buDPvrXQUeprMrG + rKsTgGXUXRSSFqixEP6G3kPeRY/Qe8fUrt/V33YgbAHX90Pxc+f+YBAnqOzdhWYCtAAVICZIiMc/ + 2pGDr86xyH41rtRFt4D8PX7637F/sSAKgZ7gxxpHO7W6t0mRBRLpFckut/A+Ou0uVJJxTTeNgYua + aHRBCOyyyD1lWrgIE9df70MFsoJzxNjzwEHuGWJsh4qTMhtZpZsVzscx/IvJp6xM44DTWNo05meQ + mX8XRtx1862fUxJgIUWPW8knalkZMmp3vpKUZPSAs95fpFIZ8KZUmD3I/Ht2AFyt2MXE9EzojQbu + nkkCeaf8MalMAlKBjH2chpjUYKkw2BKoAoh9FH6UoPb3WMWH22kahYF+W2vIU+VwJIEPtiyfDZqj + ykeDT0Ws/HtUDj4K9FXBQ+CfeojMcgYZRTsfxmEC7tBwXoll7B3ODqMYSCt2Bu7h2JyBT2Jeiw7z + OeuDb5DKZF5kMXIbV6qIcka34QPGHXVCMIBnZzjVJIgn/q+SmOveMl6tVsuYj5Q5faIrPBl40Rea + E7++DjPpnJ89eVOkVvnbqcYG5cg5xfLRmDms1FfCPBxLKgOGa06r2+vfr6/e0YBe3tL5Q5Hkl0t8 + ysndbinBJjym7rpL7Mtf+FFVEkkRJRsH2R/gcCdkvO98YG9AsmESu25pvdIOlE5pAB340SNHZlmP + EezQnHcOfcLM5pkw15od/9Ix4NCfNlHoNWgt8oV4qzXl1auvWauMg0ueKOTQnCrl1uigmFvNQTlv + aJ4V9IbmWUlvaJ4V9YbmWVm3moPC3tC0SztweqtfEq0rkGZmpAHJoIL5GnAxRgYTXqgJF2NkQDGq + Ci7GyILS0FQtr0KlpWKQLCotDYNkUWlpGCSLSkvDIFlUGpoSJItKS1OC1Egm4LVFJnFK9ksGODss + 9HyamfEXuhPumMYoGKXFHba/6QGvQ302NC2gaw87nngSTzP6Q79I4AJkin0VElTMCJpMNI2Gp4zK + aB21GZ2yKcN41GZ8yqYM8FGbySmbMiLWhhx6wx1Idyfb4XQS9MqI93TZLUPMrcaPVEJpmcCCmEfY + RaenFtUh/fqiJiHQpQ4WMLF7tUvBWDlubxIK9Q0hBfbhWq7rNo+BNyBFmUQ1V9/S541pmvChnGmK + 4693Ydwhp/N5BxqSJzNLPY7y2f8Dl/0bAAD//0KI07Uta0JmW9YE1JY1GQRtWXL7wsjpltZtWUP0 + tiwAAAD//+ya32qDMBTGX2UUehkXNdVaKF0LG90r9O6YxHW0VfEPe/3lGBu6rNlGr8oIeCEmxxyP + 5vjB9/Na1mtZr2W9lvVa1mtZr2X/jZYNTegvWvY7AzAz8Irt7Lo8vpBdenxdA/wwAA4IKNhTDdVi + DTCDclgD1BVBXQY7NQb7uTyuiS6uhJpkvhjVtmsJXQd8j56c9kTb/nQCNGsnVx1FLDVyGVVzo52L + 6mQFnCNN8iqWaaiULJ3Ga5nMkzxhQGgRpYQVMCNZllIikkLItMiZjNFSNpFqWR27+GOkxO9lLYTK + pcWcoamO4ukiZV4hGvgz6Ta8DBm8NXoaxpxpq7iIRZRLAUk6BxlDJgpg2ZznkGScheFKLIe7qGed + Ri/q0HHkBOVoihKiL7VB35IPVTISBei2BrpbYk1JDdBiSVX8oObVvlSn2w1hQV0iJ2JTc/efsY3d + 3X/GNrZ37xmrFiY0XTUCEtvh43/YHKE8yLLdv9fD1kIXTSNdugvuEJxYTJ77pqrl4061IY7w0bgH + kR1Vo2an4zIjSnudr2Cu3stcYBZzwYnM9Pdm/DmM7egTAAD//xotjgZTwhstjujh4tHiCFdxhF5q + wNt48CYR0OnpkCxYDVoTD2UbAC3ML0mELvVHNwVnYw5nMYazlWeEvaDEtbrSAFezFlQqYJUwgHsZ + TcIYlw5jeLsxNa8ssyg/D9I2hAillEL3mUC4RIVefi7EhGoYE1o7kFFaI22R0YeZq6OUm1gRBBll + QrEbvP6wqMSxBOKOMmDnhtwVkxiLoyGGwQ0F2pWRWByWD167CVu/DFqenZMP6kIgOQTVtUYozoVq + AAdPbW0tAAAA//8DAJUrt8bWNAAA + headers: + Atl-Request-Id: + - 223d084c-51be-4326-a31f-146c1e56d80b + Atl-Traceid: + - 223d084c51be4326a31f146c1e56d80b + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:58 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=276,atl-edge-internal;dur=14,atl-edge-upstream;dur=262,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 32c867dd78416ce946b467eed9771617 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - be450fa0-0eeb-45db-958a-03f109475237 + Atl-Traceid: + - be450fa00eeb45db958a03f109475237 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:58 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=324,atl-edge-internal;dur=14,atl-edge-upstream;dur=311,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - fbbcd21ccba276b7623197277afd8f11 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: pg:5.1.0", "description": "\n\n\n\n\n\n\nA group of + Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: pg:5.1.0|http://localhost:8080/finding_group/359] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [2222Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236] | Active, + Verified |\n| High | [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/234] | Active, + Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [2222Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < + 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= + 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 + < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]\n*Defect + Dojo link:* http://localhost:8080/finding/236 (236)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, + < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < + 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= + 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 + < 7.1.2)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/521\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '7127' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: '' + headers: + Atl-Request-Id: + - dfd58689-708c-4c7a-8d83-19364b77ba67 + Atl-Traceid: + - dfd58689708c4c7a8d8319364b77ba67 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:59 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=492,atl-edge-internal;dur=12,atl-edge-upstream;dur=480,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - f40cb7de7bfd57e0ba1cb075229c002e + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/TEP8kheMZzodBsIdLaU0BPjAMRnF3tg6HMknySHpwX/vyi8J + hJgWOr1hBtuS9kW7zz67+W7BMqM8sgJLAo9AQnTCII1Um9M5qLYKE5jTtshAUs0EV22ImJ6Dpu0w + oTyGVMTtBUiFexCNIJOggOvqbJgrLeYzo3DiOo7rdCR8y0Hp8SqDC0lDzUKw2hYz9t3+wYGPHwrS + GX4mWmcqsO0IZhDqSHwVHapTqhSjvMNB22hJ2zRjtmczpXKwawX3sEL58/Hwcrzn9v0BLhUuKCv4 + bin0LVch1RALuSrvEOEXSniO19tzvb2uM3b9wO0FvUGn1/N/Qr8d46QxotHxQs0HnTTyNupzvPW1 + q48IVChZZgKHq4dEzWmatknElGY81CRjEAIRM/Ig5H3HSIeCX8n0nV7knJl00XRCF1RTaS8YPNiF + WxsHqy3X6br+L4r9BT/PMe35HK0aWKDJMVX3Jlf5VJu3YEZTBW2rFDzFexWybSthCBwZJqszWAD6 + 6jy1Lc0QWRmixAp4jne0tmDSdeqNTIqveKMPBrySLsJdJLAOt/l4BpLNra440xoVKGtt2yD1t+Ks + EjP9QKXBq2LzLGXocLR1c8xHgbKev+z573T3jczUN1nnpefsoxteb+n1/l8rZfYLLKJBd7B0Bz/C + 4LK22PWWXe9HWKwA/vT0Go5uE069po1uvTFjy+uSHBEWt3cIkziWECPf/GMR9OsNvJlI85IXPlQH + GwW7S+El89wgvZCEKjIF4CQUiHTQEBHBiU6YIgVLGP6pauYYid/aEbVB08X2Gza8xg2/aePgdYze + 4vLumssNhxYNzQr2XPykGvtc2R/eH9+y+2z6jV2qk4ZFitcjkZs8u6aH3JgFxmMr0DKHp6qtGG2S + hXWSt9eMZ3hUJSJPo2OmspSuKubBZXRLXyPEDRtVcZKAYTA5fhWHbq+z77t1HLYDumbe7Y2mGvDW + NZBJJiTTqw8GsRa3i8b471sbm9MYlG0kVK2E4ULC4qSjFvEGqJ9xpYa+twOxXreuiUkraE3c8r87 + GAwmrceWOeF4z3ZM+FI6BUP4prK3Z50m/LtNMHd9EzqsvGHGwjPG70/MzjFkZi7jYZ3wAgYPxd56 + hQs+xLGMTlMYAVUliGT1Zl2cXX06PZ+cnR4Nzy+Hk+Fo9McInUf+URg7PDBOgFxgZ+OaGLtY4ljt + 6YogS7LUKCVakF+ZpORCwhxpkuQK4d3ZxZYu1qTlPDLHyaJpYJXdHtOMeTKFWd78BQtixmLGabp9 + qJoqq/AWJZGidzWRIgRiDuvTeWYqfyfk+35nf+DVkC8HwA+itBReD3AvmfN9wN1i0K1psDR0VI2p + /8nbeta1u5WRbj39RKXhUKRCnpe+YF6Ab7lWZBn7AL5zvRvt/Sbi6K+J461Uv4zjF/7875DEUuSZ + mXxPGI+QOtWmPWW5SrA3GXiejg7NcwqE8YUxYPAVEfxtQ7ALQxQYZYnXIZ+Mui+8VTxbAbldq2U8 + IFkc9Dtux3k0gcY4pyKkaSKUDnzHd+xZeXZS+GR3+wd3KEVuLyHMDXuRz+JhT4sGYZw+ohynD++O + 2OTWVZr8mVOpQZIhj7EU5xjfBlFYH7DdQvr84ndymGPRk8uQ8gYpM8vaB85dGcnHR3KJU3jhJ74f + XQ+Lx035qBNM/gYAAP//7FjbbttGEP2VAQwYFCstI+oWy9CDYfmhRRMEcZqXKIBoai0R5UXmRXaQ + 5N97ZrlckpaYIknfGtmQyJmd3eGZ2ZmzxI3mLHz5Lsix/9lUJROuMBFxLaUv9AFzDFzs+cFw+uKl + q7zg5IwPGxHj4CK2ycE5FGGMdM1RS5z2+I88xcXYmPmPUkRBnkqRpFsH+9njNA9AyrkOOBdjscuj + kK32W3ypOPEULj5vZZTkEo+xkXTzhHCwDQ3IerPt03mYX5IrhkPhEp1v88sFjcQLGCvFSIAbUKUY + 14qxmIhZJZ/U8onAXJV8Wsv5clLL2TstH4ppLXdrudscP6rlIzGq5eNaPq4fYFavy5cNuVmXL91e + R27oTHbc0ZQRvQLROMg+h14dbOhUnGffGWc9/r+K868Y/3CMx10xRiGsisLcVvFmGdnLQtISFRTC + P9BZyL3oEzrrhNrVufrbDYUpz+p+JH7ty5+M2RR1216qPk9LNHpi+oN4/KsdWfjqnYrsN+NKNnoB + 5B/wM/iB7YoFse/VBD/XFtqpZd8mRepLpFcobW7QA/TRKMgk47rfNgYuaxpho92bZZF7mW7QIkgc + b3MIMlARnBImrguGcc8QYztUjJO5xnq/XeP0G8O/mDxKyzT2OY2lSWN+Bpl6d0HIPTXfeTklPhbK + 6HEn+bwsK0NG7c7LJCUpPeBs94lw+Pd5F2aY3U+9e3YATKyIYmLyJdRGAzNPJYGaU/6YVCY+Zb6M + PZx1mLJgqcDfEYgAaHsY/C1B3O+xige39/sw8NW7WE2NKodDCXywZZn5N0eVjwafijjz7lEqmOgP + soKHwL/sIdTLaWQyijwYBwmYQcP5TKxi93h2GMVAOmNn4B4OxSnYIuY16DBbMz54GqlU5kUaI7dx + lRVhzug2fMC4k04IBvDsDGeWBPHE/3US+3Kfr+L1er2K+cCY02e6xpOB9XylBfHL6SCV1vnZkztD + apW/vWqsX45cUCwftZnFSnUl9MOxpDJguBa0vr358+b6HQ3p6pbOH4okv1zhU07u2KUEm/CU2nZW + 2Je/8aNmSShFmGwtZL+Po5uQ8aH3kb0BhYZJ7Dil9Vo5UDqlALTgR58smaZ9RrBHC9459Bkz62fC + XBt2/GtPg0PvTaLQK5BW5AvxVmvKqxdb81YZB1PsKOTQdJVyY3RUzI3mqJw3NM8KekPzrKQ3NM+K + ekPzrKwbzVFhb2japR04vVGvgDYVSHM9UoOkUcF8DbgYI40JL9SEizHSoGhVBRdjZEBpaKqWV6HS + UjFIBpWWhkEyqLQ0DJJBpaVhkAwqDU0JkkGlpSlBaiQT8NohkzglByXhmx8Xej6rzPkL3Ql3Vz7v + AyRmcYftr3vAq0Cd/HQLsM1RxhVP4mlOf6nXBFyAdLGvQoKKGUKTiqbRqMuojNZJm3GXTRnGkzaT + LpsywCdtpl02ZUSMDVn0mjuQ6k6mw6kk6JcR76uyW4aYW40XZgntywQWxDzCLDrrWlSF9NuL6oRA + lzpaQMfu92jv+TnH7XVCgbohpMAh2MhN3eYx8C1IUSpRzbPv6fPadJ/wkZtpiuVtoiDukdX7EoGG + 5MncUI+TfPb/wWX/AQAA//+iSVvWhMy2rAmoLWsyCNqy5HZ9kdMtrduyhqS3ZQEAAAD//+ya326C + MBTGX2Ux8bKsQAUxMU6TLe4VvDu0ZS7Kn4Bmr78eio12djO74qIJF4T20MOBHr7k+3kt67Ws17Je + y95os+vW7rXspV5ey3otOw4tG5rQP7TsT4d/ZtAU27d1OXghu3bwTi3wQ48vIJBgTzXMijXADKhh + DVBXBHXZ59TY55fyuCa6qBFqkrmxoW1PEk4n4Ht03LTj2Z3LEtCKndz1C7HUSF3U7T/NWlQnK+Ac + WZF3sUxDpWTpNF7LZJ7kCQNCiyglrIAZybKUEpEUQqZFzmSMhrGJVMvq2MWDkRK/l7UQKpcOc4a2 + PoqXq5R5jeDf74Bb/zJk8NHqaRhzgaziIhZRLgUk6RxkDJkogGVznkOScRaGK7Hs76KedRq9qUPH + kRKqwfIkRF/qgnNHvlTJSBSglxrobok1JQ1AhyVV8b2aV/tSnW43hAVNhRSIDcuNP2Obtht/xjat + N/aMVQsTmqYa8Idt//E/bY5QHWTV7T+bfmuhbaaBLd0Fd4hFLCav57Zu5PNOtSGOaNGwBxEZVaNm + p+MyAyh7n55grt7LXNgVc6GHzPT3dvg5PNyOvgEAAP//Gi2O6JfwRosjerh4tDjCVRyhlxrwNh68 + SQR0ejokC1aDlsJD2QZAC/NLEqEL+dFNwdmYw1mM4WzlGWEvKHGtnTTA1awFlQpYJQzgXkaTMMal + wxjebkzNK8ssys+DtA0hQiml0F0kEC5RoZefCzGhGsaE1g5klNZIG2D0YebqKOUmVgRBRplQ7Aav + LiwqcSyBuKMM2Lkhdz0kxtJniGFwQ4F2ZSQWh+WDV2bC1iuDFl/n5IO6EEgOQXWtEYpzoRrAwVNb + WwsAAAD//wMAzWom3LQ0AAA= + headers: + Atl-Request-Id: + - 9c9bae35-b5aa-4b3e-9b14-87b4ee36ee1a + Atl-Traceid: + - 9c9bae35b5aa4b3e9b1487b4ee36ee1a + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:59 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=308,atl-edge-internal;dur=13,atl-edge-upstream;dur=296,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 22c45948487604bfa7d071f4832d1232 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"transition": {"id": 11}, "fields": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '40' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1586/transitions + response: + body: + string: '' + headers: + Atl-Request-Id: + - 22d84caf-4a46-4fbe-9c10-e81082a40025 + Atl-Traceid: + - 22d84caf4a464fbe9c10e81082a40025 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - text/html;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:14:59 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=478,atl-edge-internal;dur=13,atl-edge-upstream;dur=466,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 967e81429bbf103363f138980212d647 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0teXbubpO26vMkEp+gU2r0oImlzi9U0KU06GGP/3RSH7lF9u9zz + nXsO90Aq6XA7aCLIm/e9E/O5wgZrr+y7jaXX0rlWmtigJzOiWtdruf8HX+Cwa2tU6D7WqPsVGo/D + X4+srGn0iKbG3zl3OLjWmgBTABpDDFGxuXws1g/lj7oZuypMRDxP0Axm8BIysdd234WW5b6f0lba + jiqYqrHV6stCRDCwxeK0vJJ+AhmwJKIsosuSMsGpoDwGgAsIcPC78AccyrY7ZzmUNBc0FQAx59k3 + W3c3prEBhCSFhLNM8qrK03xJ0yVVKeN1zXJUGZXYSJlk1VmA11PCbTvI6YVBH7W/s7Wc1geiTxNB + 87otyPG82JM1k3J9X5LjJwAAAP//AwCoblEmIAIAAA== + headers: + Atl-Request-Id: + - 9facadc4-fc8c-4439-b64f-6cadf7039b8c + Atl-Traceid: + - 9facadc4fc8c4439b64f6cadf7039b8c + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:00 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=146,atl-edge-internal;dur=13,atl-edge-upstream;dur=132,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - dbec04d655bf23136bdf7b1561dc0bbb + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15999 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXbVPjNhD+Kxp/zIX4LYHEM50OA+GOllIaAnzgmIywN7bAkXySHJIe/Pdb+SWB + ENNCpzfMYFvSvmj32Wc33y1YZJRHVmBJ4BFIiI4YpJFqczoD1VZhAjPaFhlIqpngqg0R0zPQtB0m + lMeQirg9B6lwD6IRZBIUcF2dDXOlxWxqFE5cx3GdjoRvOSg9XmZwJmmoWQhW22LGvtsbDAb4oSCd + 4meidaYC245gCqGOxJ3oUJ1SpRjlHQ7aRkvaphmzPZsplYNdK7iHJcqfjofn4x2319/DpcIFZQXf + LYW+5SqkGmIhl+UdIvxCCc/xujuut+M7Y7cfuN2gO+h4fe8T+u0YJ40RjY4Xaj7opJG3UZ/jra5d + fUSgQskyEzhc3SdqRtO0TSKmNOOhJhmDEIiYkgch7ztGOhT8Qqbv9CLnzKSLphM6p5pKe87gwS7c + WjtYbbmO7/Z/Vexv+GWGac9naNXAAk2Oqbo3ucpvtXkLpjRV0LZKwWO8VyHbthKGwJFhsjyBOaCv + zlPb0gyRlSFKrIDneEdrAya+U29kUtzhjT4Y8Eq6CHeRwDrc5uMZSNa3uuBMa1SgrJVtg9Tfi7NK + TPUDlQavis2ylKHD0cbNMR8Fyrr9Rbf/TnffyEx9k1Veuo5BtdddeN3/10qZ/QKLaNDdXbi7P8Pg + orboewvf+xkWK4A/Pb2Go9uEU69pw683pmxxWZIjwuL6BmESxxJi5Jt/LIJevYE3E2le8sKH6mCt + YHspvGSeK6QXklBFbgE4CQUiHTRERHCiE6ZIwRKGf6qaOUTit7ZEbbfpYnsNG17jRr9pY/A6Rm9x + ea9fc7nh0KKhWcGOi59UY58r+8P741t2n3W/sUt10rBI8XogcpNn1/SQK7PAeGwFWubwVLUVo02y + sE7y5prxDI+qRORpdMhUltJlxTy4jG7pS4S4YaMqThIwDCbHr+Lg73U8z6/jsBnQFfNubjTVgLeq + gUwyIZlefjCItbhdNMZ/39rYjMagbCOhaiUMFxIWJx01j9dA/YIrNfS9LYj1/LomJq2gNXHL/57T + G0xajy1zwvGe7ZjwpfQWDOGbyt6cdZrw7zbB3O2b0GHlDTMWnjB+f2R2DiEzcxkP64QXMHgo9lYr + XPAhjmX0NoURUFWCSFZv1tnJxefj08nJ8cHw9Hw4GY5Gf47QeeQfhbHDA+MEyBl2Nq6JsYsljtWe + LgmyJEuNUqIF+Y1JSs4kzJAmSa4Q3p1tbOliTVrOI3OcLLoLrLLbY5oxT6Ywy5u/YEHMWMw4TTcP + VVNlFd6iJFL0riZShEDMYXU6z0zlb4X8yzGuHAA/iNJSeDXAvWTO9wF3g0E3psHS0EE1pv4nb+tZ + 1/YrI349/USl4VCkQp6WvmBegG+4VmQZ+wC+c70d7b0m4uitiOOtVL+M41f+/G+fxFLkmZl8jxiP + kDrVuj1luUqwNxl4Ho/2zfMWCONzY8DgKyL424ZgF4YoMMoSr0M+G3Vfeat4tgJyvVLLeECmGL8k + cDp+x3k0scZQpyKkaSKUDvpO37Gn5fFJ4Zbt7zo3KEiuzyHMDYGRL+JhR4sGYRxAohwHEO+G2OTa + VZr8lVOpQZIhj7EaZxjiBlFYHbDdQvr07A+yn2Pdk/OQ8gYpM87aA+emDObjIznHQbzwE98PLofF + 46p8lDn+AQAA///sWW1P2zAQ/isWEqitmrRN05YWIQbqEEximmDbB9Ak3NhpI9IkyhuTxo/fc44b + 2kDYxrSpHxBVm+R89uXu8XN3BiyAG1220OVnLwUFkKrCE64wESM6ZQ/sBnMYFljN6A17vbGygvAZ + 5MIM0LuY8zDv5JkfALEp6KSzOf4bTWF3C1+TnnMvzaWXxtIM43kHe5oT1D0U5sQFHQw1F+nSJz0V + KvyqYNE8l3Ke+Ryu/E5tqDJ/KgOP+wSeKxnn6DaZwRqnpNhme356AOWBaTVrnKdD3bH6A1rwPKCO + NZdt8o4q/9vs0kvu2LHjyIjQ9kBObq1cPGkpL9Ez1ppmkk0BSTz8gK3KrHGbgaoGbBPuq79Fzyzx + ru775j9+QRg+VaTCpmAVRlwLW3+pxxr4aj731i++M2sBdXh+gx/jVQDAksCSmuLvILjp+NZVmMVw + 46nnS7CDLFy9N08PFN7WBk4fWasFdimXDUFnmgxML+xwkXsJmA9FycAagtBccjLAskpwFLxbNfkt + QxZmZCq6Zp13Yx1zbQjFXJQxT3TM7xdEhhzzBXOGtsKBHAnciblLK1G6BklFWWrC818f578AG/lS + s96maNW3TNZghBGfVG0rVmJI4ZnDUrw2AUYuoI2HgKTao5OqM9trDxKUOTWCOJcG5TLPeTqwkLo8 + p9S7FiUitQl9EbhwS1s0gTlRNvM9R0fwwlNpQgfwiyohyOc6MsVbsTBmPgSxWUb+fBmBCUjnY8g8 + dcPA7LknpNjA0iU2FOoqLP0nCNGqUUiJgQDe4GLpBU3WaD4sAeA0nAC0T8v3Qdl3VouyuvTcs+sE + ZftJeTuNuXOnmhZqQypD7bILqwi65RxVQV1t3C1r45V76gbWtYTd0piNGrNacPA05c6CcmlRziTZ + csmpztqpKwbI29RVhfErizHag0fccagXPBeHI3QWVne3fyyH+8PZ0OZG17VGhu3ygTEej7qGGLpC + jtyZLftUEJaaWLbQnfympiTIHAtB+4ls5nHoi3drJqO2owVePMBS8ZDmPC6Gkc7qEKXv9oU1k4IP + R/tc9vlYuNwe7zszPhw7dq93JA7VLHjXXesUn0LPWPJA1zOGUTxKzCwx7uEywzKpUDKLzUo+NSLO + E3Ip9FUuQOODy7MTwzajgLq86mHY9ltcPU3bfourp3HbbjHIShSnJbq9OVPgZyc+D+5kkCy8SG0t + KuqKA5mC766p7ZnsvM/iMJKdazCRQ0cHeg/SkTCk5U6nZfRB+PPdkV1Hv3bdsYpdd7RolxQf6/zw + RkdbCLw3OvofFr/RUR0dVVmjLPPKqgimz4st+IP+1aWvu1jwJwAAAP//yi9JhE7UoZuCsz2HsxjD + 2dAzwl5Q4hobNcDVsgWVClglDHC1bI1x6TCGNx1T88oyi/LzIM1DiFBKKXSWGMIlKvTycyEmVMOY + 0NqBjNIaaYJbH2aujlJuYkVQanFpDshgJLvBo4dFJY4lEHeU5ZfgntoAAAAA//8iyl6kqQ2IYXBD + gXZlJBaH5YNHXmHzEaDJlZx8UGcBySGorjVCcS5UAzh4amtrAQAAAP//AwCc83VzlCAAAA== + headers: + Atl-Request-Id: + - e3bb06ac-c4f0-4fcf-82a2-81911bd2d467 + Atl-Traceid: + - e3bb06acc4f04fcf82a281911bd2d467 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:00 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=419,atl-edge-internal;dur=16,atl-edge-upstream;dur=406,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 1782fefd462c82d65f3aa2654e8f4e04 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - d8240609-d239-4c20-a7e8-3138a2ec5faf + Atl-Traceid: + - d8240609d2394c20a7e83138a2ec5faf + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:01 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=317,atl-edge-internal;dur=20,atl-edge-upstream;dur=296,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 1179b936ce0f4566888dc0db568844fe + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: fresh:0.3.0", "description": "\n\n\n\n\n\n\nA group + of Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: fresh:0.3.0|http://localhost:8080/finding_group/360] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2017-16119|https://nvd.nist.gov/vuln/detail/CVE-2017-16119] + | [400|https://cwe.mitre.org/data/definitions/400.html] | fresh | 0.3.0 | [Regular + Expression Denial of Service - (Fresh, < 0.5.2)|http://localhost:8080/finding/235] + | Active, Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [Regular Expression Denial of Service - (Fresh, < 0.5.2)|http://localhost:8080/finding/235]\n*Defect + Dojo link:* http://localhost:8080/finding/235 (235)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-400|https://cwe.mitre.org/data/definitions/400.html] + \n*CVE:* [CVE-2017-16119|https://nvd.nist.gov/vuln/detail/CVE-2017-16119]\n\n\n\n\n\n\n*Source + File*: express>fresh\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/526\nAffected + versions of `fresh` are vulnerable to regular expression denial of service when + parsing specially crafted user input.\n Vulnerable Module: fresh\n Vulnerable + Versions: < 0.5.2\n Patched Version: >= 0.5.2\n Vulnerable Paths: \n - + 0.3.0:express>fresh,express>send>fresh,express>serve-static>send>fresh,serve-favicon>fresh\n + CWE: CWE-400\n Access: public\n\n\n*Mitigation*:\nUpdate to version 0.5.2 or + later.\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/526\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '1958' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15999 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 0d094af9-5a37-4ed0-925a-c545e2c309b4 + Atl-Traceid: + - 0d094af95a374ed0925ac545e2c309b4 + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:01 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=467,atl-edge-internal;dur=13,atl-edge-upstream;dur=454,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 016d6a20a9f48a227b662b139546e027 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15999 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXW1PrNhD+Kxo/0hDfkpB4ptNhIJxDSykNAR44TEbYG1vgSK4k59ID/70r3wIh + YQqdnmEG25L2ot1vv918t2CZUR5ZgSWBRyAhOmGQRqrF6QxUS4UJzGhLZCCpZoKrFkRMz0DTVphQ + HkMq4tYcpMI9iEaQSVDAdXU2zJUWs6lROHEdx3XaEv7KQenxKoMLSUPNQrBaFjP23e5gMMAPBekU + PxOtMxXYdgRTCHUkHkSb6pQqxShvc9A2WtI2zZjt2UypHOxawSOsUP58PLwc77vd/gEuFS4oK/hu + KfQtVyHVEAu5Ku8Q4RdKeI7X2Xe9fd8Zu/3A7QSdQdvrez+h345x0hjR6Hih5pNOGnkb9Tlec+3q + IwIVSpaZwOHqIVEzmqYtEjGlGQ81yRiEQMSULIR8bBvpUPArmX7Qi5wzky6aTuicairtOYOFXbi1 + drDach3f7f+i2N/w8wzTns/QqoEFmhxT9Whyld9r8xZMaaqgZZWCp3ivQrZlJQyBI8NkdQZzQF+d + 55alGSIrQ5RYAc/xjtYGTHyn3sikeMAbfTLglXQR7iKBdbjNxwuQrG91xZnWqEBZjW2D1N+Ks0pM + 9YJKg1fFZlnK0OFo4+aYjwJlnf6y0/+gu+9kpr5Jk5eOY1DtdZZe5/+1Uma/wCIadHtLt/cjDC5r + i7639L0fYbEC+PPzWzi6u3Dq1RtTtrwuORCzf3v39qRfn6RxLCFGvnlTBHgBkeZl+X8K7msF2xH/ + mmBukEVIQhW5B+AkFAho0BARwYlOmCIFGRiaqUrjGPnd2hKc7q7g9HZtHOzY8HZu9HdtDN4G7z0u + 7/ZrLjccWjQ0K9h3K2o3oZQsrDOwuWbqGu+vEpGn0TFTWUpXVfXj8oJq7JRlh/l46sr+te5YdqlO + Gh4qXo9EbpBSuHpjFhiPrUDL3NhGpfoaIW7YqIqTBAyDSf6bOPgHbc/z6zhsBrRh3s2NXTXgNTWQ + SSYk06tPhqAWt4vG+O9bG5vRGJRtJFSthOFCwuKkrebxGsFfcaWuCW8LlD2/LpbJXrA3ccv/ntMd + TPae9swJx3uxY8KX0nswhL+l5A1Pbo2Yuwvmbt+EDktymLHwjPHHE7NzDJmZy3hYg62A4KLYa1a4 + 4EMcy+h9CiOgqgSwrN6si7OrL6fnk7PTo+H55XAyHI3+GKHzyD8KY4cHxgmQC+xsXBNjF2sfaSBd + EWRJlhqlRAvyK5OUXEiYIU2SXCE429vY0sWatJwn5jhZ9BBYZbfHNGOeTGFuYUHMWMw4TTcPVVNl + Fd6iRFL0rvo2EIg5NKfzzFT+Fsh3A8dt93pODflyAPwkSkvhZoB7TakfA+4GtW5Mg6Who2pM/U/e + 1rOu7VdG/Hr6iUrDoUiFPC99wbwA33CtyDI2CHznejvauw1xvJfRTaGGVF7H8Rt/+XdIYinyzEy+ + J4xHSHxq3beyXCXYtAw8T0eH5nkPhPG5sWzwFRH8bUOwPUMUGGWJ1yZfjLpvfK947gXktlHLeECm + GL8kcNp+23kyscZQpyKkaSKUDvpO37Gn5fFJ4Zbt95w7FCS3lxDmhsDIV7HY12KHMA4gUY4DiHdH + bHLrKk3+zKnUIMmQx1iNMwzxDlFoDthuIX1+8Ts5zLHuyWVI+Q4pM87aA+euDObTE7nEQbzwE9+P + rofF46Z8lDn+BwAA///sWWFP2zAQ/SsWEqhUTZqmaUqLECvqEEximmDbB9Ak3NhpI9KkSpMwafz4 + vXPc0AbCNqZN/YBAbWL77PPd+d07FyiAF81n6PFzkAICSFTFE54wESM4ZQ/sBnMYNlDN6LidzkBp + QfEZ5cKMULuY0zhv51kYIWJTwEl7c/w3msKxCluTnHcvzXmQJtKMk2kbZ5pTqAcg5oQFbQw1Z+k8 + JDnlKnwrZ9E8l3KahRym/E5lqFJ/LKOAhxQ8VzLJUW0ygzVOSbDF9sL0EMI9096vMZ52ddvu9mjB + EYhALltkG0X+2QPZtLmy6LCpjEJtrDnOJBsjAtH4ASeT2YMWAzL12GZ0r/5mHbMMb/XeNf/xfqD4 + WGEIGwNEGEErdP2lHGvgY/+5Xb+4Z9ZEkKH9Bl/Gq/yNJRE6aoq/i7hNwzev4iyBGU+DUAIMZGHq + vWl6qMJrbeD4EaSaAJNy2Rjopc++GcRtLvJgCQQEB+nZLvDLJyMjWFb5jJx3qya/ZUi6jFRFkazT + bKJ9rhUhn4vS50vt8/sZYR/HfNGUoYrw0I987SXcp5UoOwOTFllqwvJfH+e/APiEUoPcZteqfhmu + hRFGfFJEVKy60QvLHJXdaxNg5AzSaERIqiM5rBqztdawBKup6UhyaVDqCrynA4ten+eUade8RBg2 + pA8KLryOPA/zDZEgJmHgaQ9eBCoraAd+UYyBbK49U+yKxQkL0ZGYpefP5wvupSTzMWaBemEA8jwQ + UmzE0iUOFGgUlv6TCNGii5jyAAV4g4t5EO2zxv7DHAGcxkME7VO23iuryioHq6PxHaeuoyzjKH+n + CffuVIVBFU9lqFVX8TllNVaVKKnwygp1A+uosVVXAVrlmjxNuTej7Kj54TrFrBKRZTafc6JVO3W5 + n6xNRVScvJJ70Rk85p5Hhdu5OOqjkLCt3e5IugfuxHW4Yfl233B83jMGg75lCNcXsu9PHNkl/ldK + YtlCdvibkpJCZiQEnSfSmSdxKN6tqQwqRwu8eF+lHCXNaVIMI5nVnUnX7wp7IgV3+wdcdvlA+NwZ + HHgT7g48p9M5FkdqFux11z7FfyFnzHmk6YthFE1LM1sa9zCZYZvEi8zisJJNjQXnSzIp5FUuQJ2D + x7MTwzEXERV11buv7de4enm2/RpXL9+2XWOAlSguZnQ1c6aCn52EPLqT0XIWLNTRIhZX3J4UeHdN + Vc5w532WxAvZvgZEeXRToM8g3QCjtzzptIy+936+GHLq4Nepu0VxyluURKeBN9TZwvh6Q53/ofEb + 6tShThU16vifU9K8kgVhT9PibP6gX7b0swVN4pTr3+X0LD8BAAD//4KbgquhZ4CrGDMwwl4e4hoK + NcDpAZwNQVwNWFA5glXCGKcEvOmYmleWWZSfB2k7QoRSSqGTwhAuMaFXll9CvfF/iGFwQ4E2ZSQW + h+WDBzhhUw7AfABxcjWMCa2OSHEAAAAA///CnEDXh5mro5SbWBGUWlyaAzIYybPg0cmiEscSiMdB + cyk5+aDOApI4qmYjFN1QDWDX1tbWAgAAAP//AwA5onNdgyAAAA== + headers: + Atl-Request-Id: + - 09d9194d-83fc-49bd-b86a-272d3bd346b9 + Atl-Traceid: + - 09d9194d83fc49bdb86a272d3bd346b9 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:02 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=277,atl-edge-internal;dur=15,atl-edge-upstream;dur=263,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 77c1891a23b947928007987fdef95e91 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"transition": {"id": 11}, "fields": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '40' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: POST + uri: https://defectdojo.atlassian.net/rest/api/2/issue/NTEST-1587/transitions + response: + body: + string: '' + headers: + Atl-Request-Id: + - afa21323-e450-49b7-9876-8ebe8559accd + Atl-Traceid: + - afa21323e45049b798768ebe8559accd + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - text/html;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:02 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=541,atl-edge-internal;dur=30,atl-edge-upstream;dur=509,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - e4f12081485b44eea834b37eb209f502 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0te3bqbpN26vMkEp+gU2r0oImlzi9U0KU06GGP/3QSH7lF9u9zz + nXsO90Aq6XA7aCLIm/e9E7OZwgZrr+y7TaTX0rlWmsSgJxOiWtdruf8HX+Cwa2tU6D7WqPsVGo/D + X4+srGn0iKbG3zl3OLjWmgBTAJpAAtNic/lYrB/KH3UzdlWYiHiO0AQm8BIysdd234WW5b6PaStt + RxVM1dhq9WUhIhjYYnFaXkkfQQYsnVI2pcuSMsGpoDwBgAsIcPC78AccyrY7ZzmUNBc0E8ATzug3 + W3c3prEBhDSDlLO55FWVZ/mSZkuqMsbrmuWo5lRiI2U6r84CvI4Jt+0g4wuDPmp/Z2sZ1weiTxNB + 87otyPG82JM1Ubm+L8nxEwAA//8DANXQk2ggAgAA + headers: + Atl-Request-Id: + - 43a75407-0257-45eb-849a-c81aa051c26a + Atl-Traceid: + - 43a75407025745eb849ac81aa051c26a + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:03 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=145,atl-edge-internal;dur=18,atl-edge-upstream;dur=125,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 30e02a574c7ae193b8c160f07c01cdc9 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+dVKJlyRb4kyn4zpK4tR1XVlJHhyPByJXJGISYAFQR+P89+6S + ohQfSmt3GnvGxLUHdr/9sP7swKrkMnEiR4NMQEPySkCemI7kBZiOiTMoeEeVoLkVSpoOJMIWYHkn + zrhMIVdpZwHa4B4kEyg1GJB2czaujFXFnBReB74f+K6GPyswdrou4Vzz2IoYnI4jyH4wGI2GODGQ + z3GaWVuayPMSmENsE/VJudzm3BjBpSvBemjJerwUXugJYyrwWgU3sEb5s+n4YtoNBsMDXKpdME70 + 2THoW2VibiFVet3cIcEZSoR+2O8GYbfnT4NhFPSjwcg9GIx+RL99cpKMWHS8VvNMJ0neQ31+uL32 + ZpKAibUoKXC4esRMwfO8wxJhrJCxZaWAGJias6XSNy5Jx0q+0/kTvaikoHTx/JovuOXaWwhYerVb + Owc3W4HfC4Y/G/EX/FRg2qsCrRIs0OSUmxvKVTWzNIrmPDfQcRrBE7xXLdtxMoHA0XG2PoUFoK/+ + l45jBSKrRJQ4kazwjs49mPT8fRtBu1Fq9Qmv+sxMbKTrPNSZbfNAk6/Qs7vuOymsRQXG2domCP9a + nzVqbpdcE5CNKMpcoMPJvZBgomr49Yer/vCJ7n4jZe1Ntgnr+4foRthfhf3/10oDixqkaDA4WAUH + 38PgqrXYC1e98HtY3CD/y5eHcAz34bTXbszF6n1Djpj9yytEQ5pqSJFv/rEIBu0GXkDlVcMLjx89 + 2LdxuGcj3Lsx3LcxeuhOQ5vNKpFS/UI4UTfAKbf4cDSE+/T6bOh8R+Beo05T9dXDY1VR4AIi5Q+0 + IGTqRFZXgFlCpfY9JpZqsHGu1kf6tYibOH5+sEa+orDJVJUnL4Upc77e1DBlXgNelmjiwSPR67uH + w6B9JO6HbR+VhVsqu7+xBVWphdLCrp8ZxFbcq1+af/9WiIKnYDySMK0SgQuZSDPXLNIdKb7BlZY9 + Q+dhfYTbMsj5DIj/qALu9wT7wBvsw2gwpIhk3IxLEZ8KefOKdl5CSf2LjNus1blc1nvbFankGNsX + PsthAtw0SNCbkXN++u71ydn16cnx+OxifD2eTH6f4P2wTg2GBA9MM2DnSPTSMrLLhGFK5muGpCFy + UsqsYm+F5uxcQ4GswSqDqHUfI48AC8rxb4Xvl8kscppXEbOH4d9V1R22wESkQvL8/qFN97UJb43r + HL1rCQczm0rYnq5KKttHkXy33WkapWeCrxHePrB3e5un4XGHt194fIPtZgu5Vnlj63jT0f0nh9u2 + sKkZNBK2/YCEJVW3ypU+a7yZ5RV0U40ssWuKFHupmmSrosSGWNrHQT/YRwuDLS18K+N3w/lRfv17 + xFKtqpIaxVdCJkiMhmGtsBmAZGVlMkhqlJ5Mjug7AybkggwQzBKG/wowfLQgiUhZFrrsNan7KF/U + 3xcRu9yqFTJiZRoN3MD1bynYGOtcxTzPlLHR0B/63rw5e1375PUGoyuUYpcXEFfETeyNWnat2iOM + b3JS4ZscXjGPXQbGsj8qri1oNpYpVmSB8d0jCtsDXlBLn53/xo4qrH12EXO5R4o6PG/kXzWRvL1l + F9i01n7i+Pj9uP58aD5tgmmyeeJpOBUWaYBEa0DhCBUxYkp2yy5RRzfE0u8GB/4wrL0ggMpF4krs + 891ULbxFlUuErEVK8e6evyIVo/5WLF6CWwirwVU69bCsOUFdYKtKdOCN+m5mi5ykyhT/1HkiFSH+ + TKBQFvAaCbDxCtNBMqzLfjhP/wYAAP//7Fjfb9s2EP5XDggQyJpDz7JsYw78ECR92LAWw9LuZR5g + RWZibbLk6Eeaouv/vu9IiqJiq0WTPSYJHPmORx6/O9591JBO0+qcAjEei4Do9K46X9JE/AhjpZiI + mQipUYStIhRTMW/k01Y+FZirkc9aOT9OWzl7Z+RjMWvlQSsP3PGTVj4Rk1YetvKw3cC8XZcfHbld + lx+DQU9umEweBZMZI3oB0vAghxx6RffpWJzn3xlnM/7/ivNrjJ8d47AvxiiETVFY+CreLCP/qpZ0 + hQoK4S/oLhT8NCQ02Cl1q3Pzux0LW57V94l4PZcvjNkMddu/Ur0ebfjvnJgFIR7ftCMPH4Njkf1q + XMlHL4D8T/w7e8ZxxYI492qCl7WFbmr513ldxBLplUqfG/QZ+uguKSXjur9zBl61NMJHu7fLIvdK + 06BFko+izUNSgorgDjANAjCMW4YYx6Ehnsw11vu7NYHUwb+MIip0GsecxtKmMe9BFtFNknJPrbZR + RXmMhUr6uAU7qUCvjSGjdhOVkvKC7nFP+0S4K8d8CkvMHhfRLTsAOlbvMmL2JdRBA0EvJIGhU/Ux + b0xiKmOZRbjJMGXBUkm8JRABsPc0+UeCv99ilQhu7/dpEqtXl4YaNQ6nEvjgyPIFwB2ltwaf6qyM + blEqmO+flTUPgX/lfWqWM8iUtItgnORgBo7zpVhlweHsMMqAdMnOwD1ceQuwRcxr0WG2Zn2IDFKF + rOoiQ27jqazTitF1fMC4o04IBvDkBFeXHPHE32WexXJfrbL1er3K+DpY0We6xM7Aer7QkvhdblJI + 7/TkMZgjtfT/QTM21iOXBO5szDxWqidhNseSxoDhWtL6+s2vby7f05gurun0vs6r8xV+9OQjX0tw + CI+p/dEK5/IH3mqZp1LgtuAh+2Pc4ITMHgZ/sTeg0DDJRiNtvVYOaKcUgB78GJIni2LICA5oySeH + PmNmsyfMtWHHvwwMOPSHTRR6C9KKfCE+aq68eQ+06JRxMMWeQg5NXym3RgfF3GoOyrmjeVLQHc2T + ku5onhR1R/OkrFvNQWF3NN3SDpx+Uy94Ng1ICzPSgGRQwXwOXIyRwYQXcuFijAwoRtXAxRhZUBxN + 0/IaVDoqBsmi0tEwSBaVjoZBsqh0NAySRcXRaJAsKh2NBslJJuC1RSZxSp5pwrc4LPR8V1nwB7oT + vl3EfA6QmPUNjr/pAW8TdfMzLcC3V5lAPIrHBX1Qbwu4AJli34QEFTOFphCu0aTPSEfrqE3YZ6PD + eNRm2mejA3zUZtZnoyNibcijd9yBVHeyHU4lwVBHfKjKrg4xt5ooLXPa6wQWxDzCLjrvW1SF9OuL + moRAlzpYwMTu590+iiuO27ucEvWFkAIPyUZu2jaPgb+DFBUS1bz8nj5vTPc5X7mZpnjRZpdkA/IG + /+5AQ6p8YanHUT77ymWdA+wWvG9z2fCZXDZkLhu+jMv+BwAA//+iSluW3K4vcrqldVvWcLQtWwAA + AAD//+yaXWvCMBSG/8oYeJkubWNrB+IUNtxf8O40SefQftAP9veX09RgM7ONXRVW8EJMjj0em7cv + vM/sZWcvO3tZh6yPvNlI2Efe7FraZy97mdfsZWcvOw0v65vSH7zs1/x+aSJsO751JXg+u07w2hr4 + qYcTEC6wtxrEw1pgBrawFqirgrpSdGpS9Mt4XBtd5Ac1zYzSaDuThLYFfsTETSeeTZfngHHs/c28 + EEeNTEVZ/zGwRXeyAc6RBHkV69hXTpYuwq2MVlEaMSA0C2LCMliSJIkpEVEmZJylTIYY7ppKdVld + +/jLSon3y1YI1UuDPUNdnsXTVcu8RE7ue+yr/zOk91brbVhzQY/CLBRBKgVE8QpkCInIgCUrnkKU + cOb7G7Huv0X91kXwol66juRQDJEnIfqjxusa8qFGRgIPs1RPqyXOlFQADY5U1fduXp1L9Xa/I8yr + CozYbYRs+h3bDNr0O7YZtql3rCRMaDJqYCD2/c1/tztDcZJFc3yv+qOFsZnGsbQKHsoCdz93dVnJ + h4OSIY7g0HAGEaRUq+ak42UGrvQ2PcFc2stcUBVzkXrM6Hs9PBz+rxx9AgAA//8axAlvtDiih4tH + iyNcxRF6qQFv48GbRECnp0OyYDVogTiUbQC0ML8kEbruHd0UnI05nMUYzlaeEfaCEtcSSgNczVpQ + qYBVwgDuZTQJY1w6jOHtxtS8ssyi/DxI2xAilFIK3XQB4RIVevm5EBOqYUxo7UBGaY20X0QfZq6O + Um5iRRBklAnFbvAKw6ISxxKIO8qAnRtyl0ViLGyGGAY3FGhXRmJxWD54gSZs7TFoaTVo2SPISrhD + UF1rhOJcqAZw8NTW1gIAAAD//wMAcqtTseMzAAA= + headers: + Atl-Request-Id: + - 7c5290ce-9243-43ba-b12c-ced579f7aa1a + Atl-Traceid: + - 7c5290ce924343bab12cced579f7aa1a + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:03 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=342,atl-edge-internal;dur=14,atl-edge-upstream;dur=329,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 70bafd5179c9cafed92ba87ba8a661ae + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/createmeta?projectKeys=NTEST&issuetypeNames=Task&expand=projects.issuetypes.fields + response: + body: + string: !!binary | + H4sIAAAAAAAAA+xW32/TMBD+V6o8V0vbVWOqhBBiIE2gCWndXtCETHJZb3PsYDttyrT/nXPixO5a + RjpgvCxP9vl+fOf77uK7CKqCiTSaRYWSN5AYHQ39cvblziug1iWYdQFWRQPPSLYwptCzOE4hI4NU + 3sgDZjjTGpk4EGBiBdrErMB4Ejuv8XhEH7lA67Td3MKadmfz9+dz2gmWA20vBBpDDmxAtmSGqQvF + CdVdND2upsd7xi8FLkFpxr82vuIlwiq2CXXQ3MF4NB29opiTaTWZ/tsobzT+gNc6Z5xTwPFRNT56 + joBVG/FwUh1OniNiDimWeXQ/DHlk+fUEJnUeai5NQi7ZTQo6UVgYlIKkbwd1rsNBitqgSMygQEhg + ILPBSqrbA2udSEHM2hPFI9fgAXYXcTg+3riIjuRzpm9pVwqjmNCcGUjPNk50+c3Y1SxjXMMwWiAo + ppLF+hMsgUCPhr5HMwSe2nZxC2oVXeY5U2u7VPC9RAWkaFRJnnSygJzZE4uVzLVRKK5tzLU2kFuJ + s77v8J47SduzrQYBY/oEMlZyc8l4CR1gWRBgWw1bcKq3ia5CGvRC5rUDcF7o4Z1a2WDeaDYIQ9te + GK9o3HAuV5DWSi88fYSNjeEp5VXb7qDnva12wRQIs1lq52F3rTmKOlxba+fAF/pzI2iL7M57Vrhj + YSLzQgqyrHvl99iYUsxyHQkVmXj7EGvg1ON954Ut5kCvL26WpjYS2HgKcrmEaAdbbWYb7OqT2nbz + hy58IieBtM0k1OybSlsC98/oNQZa3ZAYThQwo1Ny1Oj2ewDbvtQnjYA/e/Q4azvNPjbDVmZmRUy3 + F4B5wZHmvC/pyxvpbwb8f2+kemJmWF2Sh4aUffr34Wiy8Zt+7Hol9On75QNWA6fsZ1Oouk/jDN2I + enw4FQqlQvPgVfKrzDrtjbZ3srDvO7W28TvBVgLNgNnGvwPwExu/iR2PbUn6/7gxZ9egY2uhWydI + ggVeL8j7TwAAAP//vJfBboMwDIZfpeqht8K6tpdJqNph0iax087VBNQCNgqMkHU99N0XxwmE0mms + QTvWjZMvtnF+O+wTW7S68SMZ8QTZV0Qw7GClRhkHtk+qMW+tMZfjYNL31gV91rJHoi6tUVfjoIqK + 7HL6xUFDrqwh16NB9krUlzaNup6etihNzC/RDv0/SwH1Imd1sZfT1at4xherYR0syLEJkfNUCj+n + PH6lzIkrgDwpStGHnLe0Cu7iZA5lGs2V/iUXktfitLbZPYhFE58WKTXZQ7vQ9n7s29iVsyAE0g4D + bnT22vTVo9qtRfbJoHnV/6Lf8rpAdZxBDQPT2FTCwrlxaSOX8Viktt58cKiO3uDLX1LUgjmo6yBK + 9oOHlvN4GP5GTAxrG5d7cynFpuM97B50g6goj+14jUV0ZT4Nf4PfsBp5Fb9hN5GTd5vezgY2KVZz + tCsK/h2qTcQrnPSUyH/aeTOWFIcXHuKASkOhh4+7aWZkUa4SVOhpL+dZNruqXJowI3Ccg2xjvweZ + M6g65aC9jWLQpqYUWoNdFPFwl3YLwgxcBjimb5Qc9eQY8tdoUOdAwbo9fQMAAP//AwBWYTYNTBYA + AA== + headers: + Atl-Request-Id: + - 1e551436-4886-47d4-8108-6bd2eefc1407 + Atl-Traceid: + - 1e551436488647d481086bd2eefc1407 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:04 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=314,atl-edge-internal;dur=14,atl-edge-upstream;dur=300,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + Warning: + - 'The issue create meta endpoint has been deprecated. (Deprecation start date: + June 03, 2024)' + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 2a0d7628c56183e89902369ee1cd2ae6 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: '{"fields": {"project": {"key": "NTEST"}, "issuetype": {"name": "Task"}, + "summary": "Findings in: pg:5.1.0", "description": "\n\n\n\n\n\n\nA group of + Findings has been pushed to JIRA to be investigated and fixed:\n\nh2. Group\n*Group*: + [Findings in: pg:5.1.0|http://localhost:8080/finding_group/359] in [Security + How-to|http://localhost:8080/product/2] / [1st Quarter Engagement|http://localhost:8080/engagement/1] + / [NPM Audit Scan|http://localhost:8080/test/90]\n\n\n|| Severity || CVE || + CWE || Component || Version || Title || Status ||\n| High | [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [2222Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236] | Active, + Verified |\n| High | [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082] + | [94|https://cwe.mitre.org/data/definitions/94.html] | pg | 5.1.0 | [Remote + Code Execution - (Pg, < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < + 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= + 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 + < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/234] | Active, + Verified |\n\n*Severity:* High\n\n *Due Date:* Jan. 29, 2025 \n\n\n\n\n\n\n\n\n\n\nh1. + Findings\n\nh3. [2222Remote Code Execution - (Pg, < 2.11.2 >= 3.0.0 < + 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < 5.2.1 >= 6.0.0 < 6.0.5 >= + 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= 6.3.0 < 6.3.3 >= 6.4.0 + < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 < 7.1.2)|http://localhost:8080/finding/236]\n*Defect + Dojo link:* http://localhost:8080/finding/236 (236)\n*Severity:* High\n *Due + Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2019-16082|https://nvd.nist.gov/vuln/detail/CVE-2019-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/522\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/522\n\n\n*Reporter:* + [(admin) ()|mailto:]\n\n\n\nh1. Findings\n\nh3. [Remote Code Execution - (Pg, + < 2.11.2 >= 3.0.0 < 3.6.4 >= 4.0.0 < 4.5.7 >= 5.0.0 < + 5.2.1 >= 6.0.0 < 6.0.5 >= 6.1.0 < 6.1.6 >= 6.2.0 < 6.2.5 >= + 6.3.0 < 6.3.3 >= 6.4.0 < 6.4.2 >= 7.0.0 < 7.0.2 >= 7.1.0 + < 7.1.2)|http://localhost:8080/finding/234]\n*Defect Dojo link:* http://localhost:8080/finding/234 + (234)\n*Severity:* High\n *Due Date:* Jan. 29, 2025 \n *CWE:* [CWE-94|https://cwe.mitre.org/data/definitions/94.html] + \n*CVE:* [CVE-2017-16082|https://nvd.nist.gov/vuln/detail/CVE-2017-16082]\n\n\n\n\n\n\n*Source + File*: pg-promise>pg\n\n\n\n\n*Description*:\nhttps://nodesecurity.io/advisories/521\nAffected + versions of `pg` contain a remote code execution vulnerability that occurs when + the remote database or query specifies a crafted column name. \n\nThere are + two specific scenarios in which it is likely for an application to be vulnerable:\n1. + The application executes unsafe, user-supplied sql which contains malicious + column names.\n2. The application connects to an untrusted database and executes + a query returning results which contain a malicious column name.\n\n## Proof + of Concept\n```\nconst { Client } = require('pg')\nconst client = + new Client()\nclient.connect()\n\nconst sql = `SELECT 1 AS "\\\\'/*", + 2 AS "\\\\'*/\\n + console.log(process.env)] = null;\\n//"`\n\nclient.query(sql, + (err, res) => {\n client.end()\n})\n```\n Vulnerable Module: pg\n Vulnerable + Versions: < 2.11.2 || >= 3.0.0 < 3.6.4 || >= 4.0.0 < 4.5.7 || + >= 5.0.0 < 5.2.1 || >= 6.0.0 < 6.0.5 || >= 6.1.0 < 6.1.6 || + >= 6.2.0 < 6.2.5 || >= 6.3.0 < 6.3.3 || >= 6.4.0 < 6.4.2 || + >= 7.0.0 < 7.0.2 || >= 7.1.0 < 7.1.2\n Patched Version: >= 2.11.2 + < 3.0.0|| >= 3.6.4 < 4.0.0 || >= 4.5.7 < 5.0.0 || >= 5.2.1 + < 6.0.0 || >= 6.0.5 < 6.1.0 || >= 6.1.6 < 6.2.0 || >= 6.2.5 + < 6.3.0 || >= 6.3.3 < 6.4.0 || >= 6.4.2 < 7.0.0 || >= 7.0.2 + < 7.1.0 || >= 7.1.2\n Vulnerable Paths: \n - 5.1.0:pg-promise>pg\n + CWE: CWE-94\n Access: public\n\n\n*Mitigation*:\n* Version 2.x.x: Update to + version 2.11.2 or later.\n* Version 3.x.x: Update to version 3.6.4 or later.\n* + Version 4.x.x: Update to version 4.5.7 or later.\n* Version 5.x.x: Update to + version 5.2.1 or later.\n* Version 6.x.x: Update to version 6.4.2 or later. + ( Note that versions 6.1.6, 6.2.5, and 6.3.3 are also patched. )\n* Version + 7.x.x: Update to version 7.1.2 or later. ( Note that version 7.0.2 is also patched. + )\n\n\n\n*Impact*:\nNo impact provided\n\n\n\n\n\n*References*:\nhttps://nodesecurity.io/advisories/521\n\n\n*Reporter:* + [(admin) ()|mailto:]\n"}, "update": {}}' + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Length: + - '7127' + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: PUT + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: '' + headers: + Atl-Request-Id: + - 9195dc78-a564-44a2-a7d3-be168b63097c + Atl-Traceid: + - 9195dc78a56444a2a7d3be168b63097c + Cache-Control: + - no-cache, no-store, no-transform + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:04 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=312,atl-edge-internal;dur=14,atl-edge-upstream;dur=298,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - 34967c5080f6478311766ee710252c25 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 204 + message: No Content +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15998 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xXWXPbNhD+Kxg+dVKJlyRb4kyn4zpK4tR1XVlJHhyPByJXJGISYAFQR+P89+6S + ohQfSmt3GnvGxLUHdr/9sP7swKrkMnEiR4NMQEPySkCemI7kBZiOiTMoeEeVoLkVSpoOJMIWYHkn + zrhMIVdpZwHa4B4kEyg1GJB2czaujFXFnBReB74f+K6GPyswdrou4Vzz2IoYnI4jyH4wGI2GODGQ + z3GaWVuayPMSmENsE/VJudzm3BjBpSvBemjJerwUXugJYyrwWgU3sEb5s+n4YtoNBsMDXKpdME70 + 2THoW2VibiFVet3cIcEZSoR+2O8GYbfnT4NhFPSjwcg9GIx+RL99cpKMWHS8VvNMJ0neQ31+uL32 + ZpKAibUoKXC4esRMwfO8wxJhrJCxZaWAGJias6XSNy5Jx0q+0/kTvaikoHTx/JovuOXaWwhYerVb + Owc3W4HfC4Y/G/EX/FRg2qsCrRIs0OSUmxvKVTWzNIrmPDfQcRrBE7xXLdtxMoHA0XG2PoUFoK/+ + l45jBSKrRJQ4kazwjs49mPT8fRtBu1Fq9Qmv+sxMbKTrPNSZbfNAk6/Qs7vuOymsRQXG2domCP9a + nzVqbpdcE5CNKMpcoMPJvZBgomr49Yer/vCJ7n4jZe1Ntgnr+4foRthfhf3/10oDixqkaDA4WAUH + 38PgqrXYC1e98HtY3CD/y5eHcAz34bTXbszF6n1Djpj9yytEQ5pqSJFv/rEIBu0GXkDlVcMLjx89 + 2LdxuGcj3Lsx3LcxeuhOQ5vNKpFS/UI4UTfAKbf4cDSE+/T6bOh8R+Beo05T9dXDY1VR4AIi5Q+0 + IGTqRFZXgFlCpfY9JpZqsHGu1kf6tYibOH5+sEa+orDJVJUnL4Upc77e1DBlXgNelmjiwSPR67uH + w6B9JO6HbR+VhVsqu7+xBVWphdLCrp8ZxFbcq1+af/9WiIKnYDySMK0SgQuZSDPXLNIdKb7BlZY9 + Q+dhfYTbMsj5DIj/qALu9wT7wBvsw2gwpIhk3IxLEZ8KefOKdl5CSf2LjNus1blc1nvbFankGNsX + PsthAtw0SNCbkXN++u71ydn16cnx+OxifD2eTH6f4P2wTg2GBA9MM2DnSPTSMrLLhGFK5muGpCFy + UsqsYm+F5uxcQ4GswSqDqHUfI48AC8rxb4Xvl8kscppXEbOH4d9V1R22wESkQvL8/qFN97UJb43r + HL1rCQczm0rYnq5KKttHkXy33WkapWeCrxHePrB3e5un4XGHt194fIPtZgu5Vnlj63jT0f0nh9u2 + sKkZNBK2/YCEJVW3ypU+a7yZ5RV0U40ssWuKFHupmmSrosSGWNrHQT/YRwuDLS18K+N3w/lRfv17 + xFKtqpIaxVdCJkiMhmGtsBmAZGVlMkhqlJ5Mjug7AybkggwQzBKG/wowfLQgiUhZFrrsNan7KF/U + 3xcRu9yqFTJiZRoN3MD1bynYGOtcxTzPlLHR0B/63rw5e1375PUGoyuUYpcXEFfETeyNWnat2iOM + b3JS4ZscXjGPXQbGsj8qri1oNpYpVmSB8d0jCtsDXlBLn53/xo4qrH12EXO5R4o6PG/kXzWRvL1l + F9i01n7i+Pj9uP58aD5tgmmyeeJpOBUWaYBEa0DhCBUxYkp2yy5RRzfE0u8GB/4wrL0ggMpF4krs + 891ULbxFlUuErEVK8e6evyIVo/5WLF6CWwirwVU69bCsOUFdYKtKdOCN+m5mi5ykyhT/1HkiFSH+ + TKBQFvAaCbDxCtNBMqzLfjhP/wYAAP//7Fjfb9s2EP5XDggQyJpDz7JsYw78ECR92LAWw9LuZR5g + RWZibbLk6Eeaouv/vu9IiqJiq0WTPSYJHPmORx6/O9591JBO0+qcAjEei4Do9K46X9JE/AhjpZiI + mQipUYStIhRTMW/k01Y+FZirkc9aOT9OWzl7Z+RjMWvlQSsP3PGTVj4Rk1YetvKw3cC8XZcfHbld + lx+DQU9umEweBZMZI3oB0vAghxx6RffpWJzn3xlnM/7/ivNrjJ8d47AvxiiETVFY+CreLCP/qpZ0 + hQoK4S/oLhT8NCQ02Cl1q3Pzux0LW57V94l4PZcvjNkMddu/Ur0ebfjvnJgFIR7ftCMPH4Njkf1q + XMlHL4D8T/w7e8ZxxYI492qCl7WFbmr513ldxBLplUqfG/QZ+uguKSXjur9zBl61NMJHu7fLIvdK + 06BFko+izUNSgorgDjANAjCMW4YYx6Ehnsw11vu7NYHUwb+MIip0GsecxtKmMe9BFtFNknJPrbZR + RXmMhUr6uAU7qUCvjSGjdhOVkvKC7nFP+0S4K8d8CkvMHhfRLTsAOlbvMmL2JdRBA0EvJIGhU/Ux + b0xiKmOZRbjJMGXBUkm8JRABsPc0+UeCv99ilQhu7/dpEqtXl4YaNQ6nEvjgyPIFwB2ltwaf6qyM + blEqmO+flTUPgX/lfWqWM8iUtItgnORgBo7zpVhlweHsMMqAdMnOwD1ceQuwRcxr0WG2Zn2IDFKF + rOoiQ27jqazTitF1fMC4o04IBvDkBFeXHPHE32WexXJfrbL1er3K+DpY0We6xM7Aer7QkvhdblJI + 7/TkMZgjtfT/QTM21iOXBO5szDxWqidhNseSxoDhWtL6+s2vby7f05gurun0vs6r8xV+9OQjX0tw + CI+p/dEK5/IH3mqZp1LgtuAh+2Pc4ITMHgZ/sTeg0DDJRiNtvVYOaKcUgB78GJIni2LICA5oySeH + PmNmsyfMtWHHvwwMOPSHTRR6C9KKfCE+aq68eQ+06JRxMMWeQg5NXym3RgfF3GoOyrmjeVLQHc2T + ku5onhR1R/OkrFvNQWF3NN3SDpx+Uy94Ng1ICzPSgGRQwXwOXIyRwYQXcuFijAwoRtXAxRhZUBxN + 0/IaVDoqBsmi0tEwSBaVjoZBsqh0NAySRcXRaJAsKh2NBslJJuC1RSZxSp5pwrc4LPR8V1nwB7oT + vl3EfA6QmPUNjr/pAW8TdfMzLcC3V5lAPIrHBX1Qbwu4AJli34QEFTOFphCu0aTPSEfrqE3YZ6PD + eNRm2mejA3zUZtZnoyNibcijd9yBVHeyHU4lwVBHfKjKrg4xt5ooLXPa6wQWxDzCLjrvW1SF9OuL + moRAlzpYwMTu590+iiuO27ucEvWFkAIPyUZu2jaPgb+DFBUS1bz8nj5vTPc5X7mZpnjRZpdkA/IG + /+5AQ6p8YanHUT77ymWdA+wWvG9z2fCZXDZkLhu+jMv+BwAA//+iSluW3K4vcrqldVvWcLQtWwAA + AAD//+yaXWvCMBSG/8oYeJkubWNrB+IUNtxf8O40SefQftAP9veX09RgM7ONXRVW8EJMjj0em7cv + vM/sZWcvO3tZh6yPvNlI2Efe7FraZy97mdfsZWcvOw0v65vSH7zs1/x+aSJsO751JXg+u07w2hr4 + qYcTEC6wtxrEw1pgBrawFqirgrpSdGpS9Mt4XBtd5Ac1zYzSaDuThLYFfsTETSeeTZfngHHs/c28 + EEeNTEVZ/zGwRXeyAc6RBHkV69hXTpYuwq2MVlEaMSA0C2LCMliSJIkpEVEmZJylTIYY7ppKdVld + +/jLSon3y1YI1UuDPUNdnsXTVcu8RE7ue+yr/zOk91brbVhzQY/CLBRBKgVE8QpkCInIgCUrnkKU + cOb7G7Huv0X91kXwol66juRQDJEnIfqjxusa8qFGRgIPs1RPqyXOlFQADY5U1fduXp1L9Xa/I8yr + CozYbYRs+h3bDNr0O7YZtql3rCRMaDJqYCD2/c1/tztDcZJFc3yv+qOFsZnGsbQKHsoCdz93dVnJ + h4OSIY7g0HAGEaRUq+ak42UGrvQ2PcFc2stcUBVzkXrM6Hs9PBz+rxx9AgAA//8axAlvtDiih4tH + iyNcxRF6qQFv48GbRECnp0OyYDVogTiUbQC0ML8kEbruHd0UnI05nMUYzlaeEfaCEtcSSgNczVpQ + qYBVwgDuZTQJY1w6jOHtxtS8ssyi/DxI2xAilFIK3XQB4RIVevm5EBOqYUxo7UBGaY20X0QfZq6O + Um5iRRBklAnFbvAKw6ISxxKIO8qAnRtyl0ViLGyGGAY3FGhXRmJxWD54gSZs7TFoaTVo2SPISrhD + UF1rhOJcqAZw8NTW1gIAAAD//wMAcqtTseMzAAA= + headers: + Atl-Request-Id: + - 4f5bdfea-42a3-4be0-9958-5507e2b83a54 + Atl-Traceid: + - 4f5bdfea42a34be099585507e2b83a54 + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:04 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=249,atl-edge-internal;dur=13,atl-edge-upstream;dur=237,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - bd669784884d8bc95d065cdbe76fcd3f + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/serverInfo + response: + body: + string: !!binary | + H4sIAAAAAAAAA5yQUUvDMBSF/0te3bqbtN26vMkEp+gU2r0oImlzi9E0KU06GGP/3QSH7lF9u9zz + nXsO90Bq4XA7aMLJm/e947OZxBYbL+27TYTXwjklTGLQkwmRyvVa7P/BlzjsVIMS3ccadb9C43H4 + 65GVNa0e0TT4O+cOB6esCTAFoAkkMC03l4/l+qH6UTdjV4eJ8OcITWACLyETe233XWhZ7fuYttJ2 + lMFUj0rLLwvhwcAWi9PySvgIMmDZlLIpXVaU8ZRymiYAcAEBDn4X/oBDpbpzNoWKFpzmHPKELeg3 + 23Q3prUBhCyHLGVzkdZ1kRdLmi+pzFnaNKxAOacCWyGyeX0W4HVMuFWDiC8M+qj9nW1EXB+IPk0E + zeu2JMfzYk/WROX6viLHTwAAAP//AwDqWLxcIAIAAA== + headers: + Atl-Request-Id: + - 0fac98cf-6777-4ab0-b8b4-5613ae9d242a + Atl-Traceid: + - 0fac98cf67774ab0b8b45613ae9d242a + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:05 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=161,atl-edge-internal;dur=15,atl-edge-upstream;dur=147,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - f05613a4d6c2b0fbec800b3b8eb167ea + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +- request: + body: null + headers: + Accept: + - application/json,*/*;q=0.9 + Accept-Encoding: + - gzip, deflate + Cache-Control: + - no-cache + Connection: + - keep-alive + Content-Type: + - application/json + User-Agent: + - python-requests/2.32.3 + method: GET + uri: https://defectdojo.atlassian.net/rest/api/2/issue/15997 + response: + body: + string: !!binary | + H4sIAAAAAAAAA7xX23LbNhD9FQwfU4k3SYnMmU7HdZTEreu6spI8OB4PTK5IxCTAAKAujf3v3SVF + KpatTO1OYz8Qt71g9+zB6qsDq5LLxIkcDTIBDckbAXliepIXYHomzqDgPVWC5lYoaXqQCFuA5b04 + 4zKFXKW9BWiDe5BModRgQNrN2bgyVhVzUngV+H7guxq+VGDsbF3CmeaxFTE4PUeQ/WB0cPAKJwby + OU4za0sTeV4Cc4htoj4rl9ucGyO4dCVYDy1Zj5fCCz1hTAVeq+AG1ih/Opucz/rBaDzCpdoF40Rf + HYO+VSbmFlKl180dEpyhROiHw34Q9gf+LBhHwTAaDd3x6OAn9NsnJ8mIRcdrNc90kuQ91OeH3bU3 + kwRMrEVJgcPVQ2YKnuc9lghjhYwtKwXEwNScLZW+cUk6VvK9zp/oRSUFpYvnV3zBLdfeQsDSq93a + OrjZCvxBMP7FiL/h5wLTXhVolWCBJmfc3FCuqmtLo2jOcwM9pxE8xnvVsj0nEwgcHWfrE1gA+urf + 9RwrEFklosSJZIV3dHZgMvDbjVKrz3ijZwZ8I12Hu05gG26afAOS7a3eS2EtKjBOZ5uQ+nt91qi5 + XXJNeDWiKHOBDic7N8d81CgbjlfD8RPd/U5m2pt0eRn6BPRwuAqH/6+VJvs1FtFg8HIVvPwRBlet + xUG4GoQ/wuIG4Hd3D+EY7MNpuG9j0G7MxepDQ44Ii4tLhEmaakiRbx4UAV5A5VVT/o9rHe3beLlv + 49WejXDvxnjfxsFDPxvabFaJlOoXwon6AU65xYejIdynF25D51sC9xp1msqyHh6pigIXECl/pAUh + UyeyuoK7DU+TNi3iJpxfH6yRZ3jUZKrKk9fClDlfb0oZl9Et+wExQ+W9iYYGvCzxx4NHYhC6w4Ow + fSR2w9ZR2e7GPlCFHahKLZQWdv3MILbiXv3S/Pu3QhQ8BeORhGmVCFzIRJq5ZpFu2fIdrrS0GjoP + CyfsyiDn10DESBWw2xPsA2+wD6PBmCKScTMpRXwi5M0b2nkNJfUvMm7zWGd3We91K1LJCbYv/DqH + KXDTYENvRs7Zyfu3x6dXJ8dHk9PzydVkOv1zivfDOjUYEjwwy4Cd4QsgLSO7TBimZL5myCYiJ6XM + Kvab0JydaSiQTlhlELXuY6wSYEE5/q3w/TIZRE7zKmL2MPzbqrrHFpiIVEie7x7adF+b8NZIz9G7 + lnAws6mE7nRVUtk+iuS63Rm3SG4apWeCrxHuXt77vc3T8LjF2688vsF2s4Vcq7yxdbTp6P6Tw21b + 2NQMGgnbRkHCkqpb5UqfNt5c5xX0U428sW2KFHutmmSrosSGWNrHQT/qaOF7id0V6ijjfjg/yW// + D1mqVVVSo/hGyASJ0TCsFXYNIFlZmQySGqXH00P6XgMTckGWCWYJw58CDB8tSCJSloUue0vqPskX + 9fdFxC46tUJGTGK8rOBW6ch3R+7gloKOMc9VzPNMGRuN/bHvzRuZq9o3bzAaX6I0uziHuCKOYu/U + sm/VHmF8tJMKH+3wknnsIjCW/VVxbUGziUyxMguM8x5R6A54QS19evYHO6yQA9h5zOUeKWoBvQP/ + sono7S07x+a19hPHRx8m9edj82kTTZPNU0/DmbBIByRaAwtHqIgRY7JbdoE6+iFSQB+75DCovSCg + ykXiSuz33VQtvEWVS4SuRWrx7p+/JBUD3+/k4iW4hbAaXKVTD+ubE+YFNrPECx4edTNb5CS3zRdO + 6oyRshD/ppBWOceY/gMAAP//7Fltb9owEP4r1qRWgEgKSQiFquqoWNVOazWt2j50XzCxgWwhifJC + 92E/fs85L7yUlI6qVSdNrYDYPvt8vnvO9+QX1XBqH0Ppu9wjV7qV0QKlGtNY7aacockOveTkFNPY + eqteYcv85I8M06T1B0i/C9kkU6n7M9tmFxv77Ji9J9slH6/sYj3dLtZOu7y4TYwqmyDgCqfrN5R9 + qI01hqlkQ0QqGj8CxZjRazIAeYeto0DxN2vrJQyoZ1N/tdPGFoYKeQGKPwJGOQla75RjNXzUt+3/ + 0d2zBiIS7d/xpe0VHFgS/qSmeF54rh9B4zZIIxjzwvUk4FNmBj+cJifccWSYqJ9L91sRHC5hvgE4 + LtUIgP85cOpucMTFwo2RQyTl2y4ywISMDjcqLgZ0pKPlCiOGKwwj/VGa55eWKHeHXDtyB1G6Q5y7 + A08SZOC4ye5nrjNjuEtPpwDhFADIQo61/CnjDEWNA0Fci5yIT0iP0UBtVPvE/WkKOB6xmeQCkguO + HKpnu2XflgpdA+89uZpc1vuLkqq/6pIY8lmVCaLoR/e06G6vz4CRM4ijEU6uwr2/+2AI8/v0Qf6F + R9pWjFnCdOy5Tn5o165KpfmZfVW3LbJwfhiZMgww46EjyjcPuat5yJ2EZG4C5qoHhsS3cIUUa+70 + BTGFKyiW/hunyEXDgPIm+XiNi7nr11mt/nsOH06Cfum3W0HjxQHD2BMwDAIM45mAsVfWeAAY++at + 1fN9bcCw/wPGKwCG9W8Bhl2K7gCMh4xHpyz6NwveKiqkbVV1lIQXVUlJBF9SPA8xNxtDW1XcmFXy + VpsSVbxDq+QdCvNUDaziylrlmmv1+2Z5p6JjRrVJViPG6XzOqYB992iFRSYnNiqI9ix1iZM4g8cS + h3YlTrttAGLrwBxI+9ge2xbXWhOjq1kT3tF6vW5LE/ZEyO5kbEmTyuJSEstmsv0nSkrym4EQFDWk + M48CT7xfURlVMy3wKJOuDkXqKLzVMJIp2FxzYgpjLAW3u8dcmrwnJtzqHTtjbvccq90+E6dqFuz1 + wLjAfyanzbmfF4maljXFehpr9zCZZuhUfepZxJJNtZDzmEwKeZUTuBfj5+W5ZumhT+TEJiv/9jXe + pPXfvsabrwXeusZALJGxzDl7dKmcn5173P8p/Xjmhiq0qBDMiOwM9O4Cn0Z/SKMglEd3gCOHKNc8 + BundFHrLSKdl8jdy23knqwqDrRU6+g8AAAD//0KVwDXHYQIv54uglcRocTQIEx6h4ggAAAD//xqM + Lh4tjmjtYvoVR+ilBrytB28aAZ2eDsmC1aA5dyjbAGhhfkkidMUAuim4WnsGuIoxAyPs5SHORiCu + VqwJrlkpA1ytWFBxgVXCGKcEvP2YmleWWZSfB2kjQoRSSqHLVSBcokIvPxdiQjWMCa0dyCitkVba + 6MPM1VHKTawISi0uzQEZjGQ3eG6mqMSxBOKOsvwS6k0JQwyDGwq0KyOxOCwfPLUFm8cFTUqDJoxA + VsIdgupaIxTnQjWAg6e2thYAAAD//wMAg8TTWx0lAAA= + headers: + Atl-Request-Id: + - 47bab63f-8363-4986-99f3-2c56e76b311f + Atl-Traceid: + - 47bab63f8363498699f32c56e76b311f + Cache-Control: + - no-cache, no-store, no-transform + Content-Encoding: + - gzip + Content-Type: + - application/json;charset=UTF-8 + Date: + - Mon, 30 Dec 2024 17:15:05 GMT + Nel: + - '{"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": + "endpoint-1"}' + Report-To: + - '{"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": + "endpoint-1", "include_subdomains": true, "max_age": 600}' + Server: + - AtlassianEdge + Server-Timing: + - atl-edge;dur=293,atl-edge-internal;dur=21,atl-edge-upstream;dur=260,atl-edge-pop;desc="aws-us-east-1" + Strict-Transport-Security: + - max-age=63072000; includeSubDomains; preload + Timing-Allow-Origin: + - '*' + Transfer-Encoding: + - chunked + Vary: + - Accept-Encoding + X-Aaccountid: + - 712020%3Ae686b64a-0f27-4fa5-9970-d6fde7fb4e32 + X-Arequestid: + - c0c183c5c1167c93821c635531594731 + X-Content-Type-Options: + - nosniff + X-Xss-Protection: + - 1; mode=block + status: + code: 200 + message: OK +version: 1