fix: request/response finding pattern fix

appknox · Sep 3, 2024 · 776c702 · 776c702
1 parent 5064f9f
commit 776c702
Showing 1 changed file with 17 additions and 6 deletions.
diff --git a/app/utils/parse-vulnerable-api-finding.ts b/app/utils/parse-vulnerable-api-finding.ts
@@ -74,7 +74,18 @@ function initializeVulnerableApiFinding(): VulnerableApiFinding {
  * @returns `true` if the content contains vulnerability indicators, otherwise `false`.
  */
 export function isVulnerableApiFinding(content: string): boolean {
-  const vulnerabilityPattern = /(\bseverity\b|\bconfidence\b|\bmethod\b)/;
+  const severityPattern =
+    '\bseverity:s*?(PASSED|LOW|MEDIUM|HIGH|CRITICAL|UNKNOWN)\b';
+
+  const confidencePattern = '\bconfidence:s*?(LOW|HIGH|MEDIUM)\b';
+
+  const methodPattern =
+    '\bmethod:s*?(GET|POST|PUT|DELETE|TRACE|HEAD|CONNECT|OPTIONS|PATCH)\b';
+
+  const vulnerabilityPattern = new RegExp(
+    `${severityPattern}|${confidencePattern}|${methodPattern}`,
+    'i'
+  );
 
   return content.length > 0 && vulnerabilityPattern.test(content);
 }
@@ -114,12 +125,12 @@ function isValidVulnerableApiFinding(finding: VulnerableApiFinding): boolean {
 }
 
 /**
- * Splits the report content into blocks based on double or triple newlines.
- * @param report - The report content to split.
- * @returns An array of strings, each representing a block of the report.
+ * Splits the content into blocks based on double or triple newlines.
+ * @param content - The content to split.
+ * @returns An array of strings, each representing a block of the content.
  */
-function splitVulnerableApiFindingIntoBlocks(report: string): string[] {
-  return report.split(/\n{2,3}/);
+function splitVulnerableApiFindingIntoBlocks(content: string): string[] {
+  return content.split(/\n{2,3}/);
 }
 
 /**