From 2312d02e8658e0f8246b06772516c1e5dab694a3 Mon Sep 17 00:00:00 2001 From: "Jonathan S. Katz" Date: Sun, 21 Mar 2021 14:54:32 -0400 Subject: [PATCH 1/3] Update CVE ID syntax validator The current validator stopped after 5 digits, whereas there can be an aribtrary amount. However, the MITRE docs appear to stop at 7, so this seems like a sane cut-off, until it's not[1]. [1] https://cve.mitre.org/cve/identifiers/syntaxchange.html#new --- pgweb/security/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pgweb/security/models.py b/pgweb/security/models.py index a961ff5..6f38764 100644 --- a/pgweb/security/models.py +++ b/pgweb/security/models.py @@ -20,7 +20,7 @@ component_choices = ( ) -re_cve = re.compile(r'^(\d{4})-(\d{4,5})$') +re_cve = re.compile(r'^(\d{4})-(\d{4,7})$') def cve_validator(val): -- 2.21.1 (Apple Git-122.3)