regscale-cli 6.27.1.0__py3-none-any.whl → 6.27.3.0__py3-none-any.whl

regscale/models/integration_models/aqua.py

@@ -210,13 +210,13 @@ class Aqua(FlatFileImporter):
             self.logger.error(f"Error creating finding: {e}")
             return None
 
-    def determine_cvss_severity(self, dat: dict) -> str:
+    def determine_cvss_severity(self, dat: dict) -> IssueSeverity:
         """
         Determine the CVSS severity of the vulnerability
 
         :param dict dat: Data row from CSV file
         :return: A severity derived from the CVSS scores
-        :rtype: str
+        :rtype: IssueSeverity
         """
         precedence_order = [
             self.nvd_cvss_v3_severity,

regscale/models/integration_models/cisa_kev_data.json

@@ -1,9 +1,127 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.10.15",
-    "dateReleased": "2025-10-15T18:34:38.9479Z",
-    "count": 1442,
+    "catalogVersion": "2025.10.24",
+    "dateReleased": "2025-10-24T16:55:58.321Z",
+    "count": 1449,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2025-54236",
+            "vendorProject": "Adobe",
+            "product": "Commerce and\u202fMagento",
+            "vulnerabilityName": "Adobe Commerce and\u202fMagento Improper Input Validation Vulnerability",
+            "dateAdded": "2025-10-24",
+            "shortDescription": "Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-14",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/experienceleague.adobe.com\/en\/docs\/experience-cloud-kcs\/kbarticles\/ka-27397 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-54236",
+            "cwes": [
+                "CWE-20"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-59287",
+            "vendorProject": "Microsoft",
+            "product": "Windows",
+            "vulnerabilityName": "Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability",
+            "dateAdded": "2025-10-24",
+            "shortDescription": "Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-14",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-59287 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-59287",
+            "cwes": [
+                "CWE-502"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-61932",
+            "vendorProject": "Motex",
+            "product": "LANSCOPE Endpoint Manager",
+            "vulnerabilityName": "Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability",
+            "dateAdded": "2025-10-22",
+            "shortDescription": "Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability allowing an attacker to execute arbitrary code by sending specially crafted packets.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-12",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/www.motex.co.jp\/news\/notice\/2025\/release251020\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-61932",
+            "cwes": [
+                "CWE-940"
+            ]
+        },
+        {
+            "cveID": "CVE-2022-48503",
+            "vendorProject": "Apple",
+            "product": "Multiple Products",
+            "vulnerabilityName": "Apple Multiple Products Unspecified Vulnerability",
+            "dateAdded": "2025-10-20",
+            "shortDescription": "Apple macOS, iOS, tvOS, Safari, and watchOS contain an unspecified vulnerability in JavaScriptCore that when processing web content may lead to arbitrary code execution. The impacted product could be end-of-life (EoL) and\/or end-of-service (EoS). Users should discontinue product utilization.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-10",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/support.apple.com\/en-us\/HT213340 ; https:\/\/support.apple.com\/en-us\/HT213341 ; https:\/\/support.apple.com\/en-us\/HT213342 ; https:\/\/support.apple.com\/en-us\/HT213345 ; https:\/\/support.apple.com\/en-us\/HT213346 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-48503",
+            "cwes": []
+        },
+        {
+            "cveID": "CVE-2025-2746",
+            "vendorProject": "Kentico",
+            "product": "Xperience CMS",
+            "vulnerabilityName": "Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability",
+            "dateAdded": "2025-10-20",
+            "shortDescription": "Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could allow an attacker to control administrative objects.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-10",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/devnet.kentico.com\/download\/hotfixes ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-2746",
+            "cwes": [
+                "CWE-288"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-2747",
+            "vendorProject": "Kentico",
+            "product": "Xperience CMS",
+            "vulnerabilityName": "Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability",
+            "dateAdded": "2025-10-20",
+            "shortDescription": "Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could allow an attacker to control administrative objects.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-10",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/devnet.kentico.com\/download\/hotfixes ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-2747",
+            "cwes": [
+                "CWE-288"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-33073",
+            "vendorProject": "Microsoft",
+            "product": "Windows",
+            "vulnerabilityName": "Microsoft Windows SMB Client Improper Access Control Vulnerability",
+            "dateAdded": "2025-10-20",
+            "shortDescription": "Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-10",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-33073 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-33073",
+            "cwes": [
+                "CWE-284"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-61884",
+            "vendorProject": "Oracle",
+            "product": "E-Business Suite",
+            "vulnerabilityName": "Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability",
+            "dateAdded": "2025-10-20",
+            "shortDescription": "Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle Configurator. This vulnerability is remotely exploitable without authentication.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-11-10",
+            "knownRansomwareCampaignUse": "Known",
+            "notes": "https:\/\/www.oracle.com\/security-alerts\/alert-cve-2025-61884.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-61884",
+            "cwes": [
+                "CWE-918"
+            ]
+        },
         {
             "cveID": "CVE-2025-54253",
             "vendorProject": "Adobe",
@@ -62,21 +180,6 @@
                 "CWE-284"
             ]
         },
-        {
-            "cveID": "CVE-2025-6264",
-            "vendorProject": "Rapid7",
-            "product": "Velociraptor",
-            "vulnerabilityName": "Rapid7 Velociraptor Incorrect Default Permissions Vulnerability",
-            "dateAdded": "2025-10-14",
-            "shortDescription": "Rapid7 Velociraptor contains an incorrect default permissions vulnerability that can lead to arbitrary command execution and endpoint takeover. To successfully exploit this vulnerability the user must already have access to collect artifacts from the endpoint.",
-            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
-            "dueDate": "2025-11-04",
-            "knownRansomwareCampaignUse": "Known",
-            "notes": "https:\/\/docs.velociraptor.app\/announcements\/advisories\/cve-2025-6264\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-6264",
-            "cwes": [
-                "CWE-276"
-            ]
-        },
         {
             "cveID": "CVE-2016-7836",
             "vendorProject": "SKYSEA",

regscale/models/integration_models/flat_file_importer/__init__.py

@@ -930,13 +930,13 @@ class FlatFileImporter(ABC):
         return dict_content
 
     @staticmethod
-    def determine_severity(s: str) -> str:
+    def determine_severity(s: Optional[str] = None) -> IssueSeverity:
         """
         Determine the CVSS severity of the vulnerability
 
-        :param str s: The severity
+        :param Optional[str] s: The severity, defaults to None
         :return: The severity
-        :rtype: str
+        :rtype: IssueSeverity
         """
         mapping = {
             "critical": IssueSeverity.Critical,
@@ -949,9 +949,7 @@ class FlatFileImporter(ABC):
             "info": IssueSeverity.NotAssigned,
             "unknown": IssueSeverity.NotAssigned,
         }
-        severity = "info"
-        if s:
-            severity = s.lower()
+        severity = s.lower() if s else "info"
         return mapping.get(severity, IssueSeverity.NotAssigned)
 
     @staticmethod