diff --git a/vulnerabilities/migrations/0109_alter_advisoryseverity_scoring_elements_and_more.py b/vulnerabilities/migrations/0109_alter_advisoryseverity_scoring_elements_and_more.py new file mode 100644 index 000000000..f5c2b922e --- /dev/null +++ b/vulnerabilities/migrations/0109_alter_advisoryseverity_scoring_elements_and_more.py @@ -0,0 +1,31 @@ +# Generated by Django 4.2.25 on 2025-12-31 10:45 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("vulnerabilities", "0108_advisoryv2_advisory_latest_by_avid_idx"), + ] + + operations = [ + migrations.AlterField( + model_name="advisoryseverity", + name="scoring_elements", + field=models.CharField( + help_text="Supporting scoring elements used to compute the score values. For example a CVSS vector string as used to compute a CVSS score.", + max_length=250, + null=True, + ), + ), + migrations.AlterField( + model_name="vulnerabilityseverity", + name="scoring_elements", + field=models.CharField( + help_text="Supporting scoring elements used to compute the score values. For example a CVSS vector string as used to compute a CVSS score.", + max_length=250, + null=True, + ), + ), + ] diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py index ed5c2d254..38f4ebdc3 100644 --- a/vulnerabilities/models.py +++ b/vulnerabilities/models.py @@ -203,7 +203,7 @@ class VulnerabilitySeverity(models.Model): value = models.CharField(max_length=50, help_text="Example: 9.0, Important, High") scoring_elements = models.CharField( - max_length=150, + max_length=250, null=True, help_text="Supporting scoring elements used to compute the score values. " "For example a CVSS vector string as used to compute a CVSS score.", @@ -2565,7 +2565,7 @@ class AdvisorySeverity(models.Model): value = models.CharField(max_length=50, help_text="Example: 9.0, Important, High", null=True) scoring_elements = models.CharField( - max_length=150, + max_length=250, null=True, help_text="Supporting scoring elements used to compute the score values. " "For example a CVSS vector string as used to compute a CVSS score.", diff --git a/vulnerabilities/tests/test_models.py b/vulnerabilities/tests/test_models.py index 46a99256d..6c15b862a 100644 --- a/vulnerabilities/tests/test_models.py +++ b/vulnerabilities/tests/test_models.py @@ -25,10 +25,12 @@ from vulnerabilities.importer import AdvisoryData from vulnerabilities.importer import AffectedPackage from vulnerabilities.importer import Reference +from vulnerabilities.models import AdvisorySeverity from vulnerabilities.models import Alias from vulnerabilities.models import Package from vulnerabilities.models import Patch from vulnerabilities.models import Vulnerability +from vulnerabilities.severity_systems import CVSSV4 from vulnerabilities.utils import compute_content_id @@ -720,3 +722,16 @@ def test_constraint_none_empty(self): with self.assertRaises(IntegrityError) as raised: Patch.objects.create(patch_url=None, patch_text="") self.assertIn("patch_url_or_patch_text", str(raised.exception)) + + +class TestStoreLongCVSSV4(TestCase): + @pytest.mark.django_db + def test_constraint_none(self): + AdvisorySeverity.objects.create( + scoring_system=CVSSV4, + scoring_elements="CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + ) + AdvisorySeverity.objects.create( + scoring_system=CVSSV4, + scoring_elements="CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:L/VI:L/VA:H/SC:H/SI:L/SA:L/E:A/CR:M/IR:M/AR:M/MAV:A/MAC:L/MAT:P/MPR:L/MVC:L/MVI:L/MVA:L/MSC:H/MSI:H/MSA:H/S:P/AU:Y/R:U/V:C/RE:M/U:Amber", + )