Merge branch 'dev' into dependabot/npm_and_yarn/mongoose-8.8.3

CVEProject · Jan 7, 2025 · 473006a · 473006a
2 parents 2b0771c + 5737a45
commit 473006a
Show file tree

Hide file tree

Showing 5 changed files with 3,455 additions and 2,369 deletions.
diff --git a/.env b/.env
@@ -1,4 +1,8 @@
 PORT = 3000
 LOCAL_KEY=TCF25YM-39C4H6D-KA32EGF-V5XSHN3
+# The duration of the rate limiting window in seconds.
+# This defines the time frame for which the rate limit is applied.
 RATE_LIMIT_WINDOW_SECONDS=60
+# The maximum number of connections allowed within the rate limiting window.
+# This sets the threshold for how many requests can be made in the specified time frame.
 RATE_LIMIT_MAX_CONNECTIONS=1000
diff --git a/api-docs/openapi.json b/api-docs/openapi.json
@@ -3973,6 +3973,11 @@
               "items": {
                 "type": "object",
                 "anyOf": [
+                  {
+                    "required": [
+                      "cvssV4_0"
+                    ]
+                  },
                   {
                     "required": [
                       "cvssV3_1"
@@ -4018,6 +4023,271 @@
                       ]
                     }
                   },
+                  "cvssV4_0": {
+                    "$schema": "http://json-schema.org/draft-07/schema#",
+                    "additionalProperties": false,
+                    "allOf": [
+                      {
+                        "properties": {
+                          "baseScore": {
+                            "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"
+                          },
+                          "baseSeverity": {
+                            "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"
+                          }
+                        }
+                      },
+                      {
+                        "properties": {
+                          "threatScore": {
+                            "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"
+                          },
+                          "threatSeverity": {
+                            "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"
+                          }
+                        }
+                      },
+                      {
+                        "properties": {
+                          "environmentalScore": {
+                            "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"
+                          },
+                          "environmentalSeverity": {
+                            "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"
+                          }
+                        }
+                      }
+                    ],
+                    "definitions": {
+                      "attackComplexityType": {
+                        "type": "string"
+                      },
+                      "attackRequirementsType": {
+                        "type": "string"
+                      },
+                      "attackVectorType": {
+                        "type": "string"
+                      },
+                      "automatableType": {
+                        "type": "string"
+                      },
+                      "ciaRequirementType": {
+                        "type": "string"
+                      },
+                      "criticalScoreType": {
+                        "type": "number"
+                      },
+                      "criticalSeverityType": {
+                        "const": "string"
+                      },
+                      "exploitMaturityType": {
+                        "type": "string"
+                      },
+                      "highScoreType": {
+                        "type": "number"
+                      },
+                      "highSeverityType": {
+                        "type": "string"
+                      },
+                      "lowScoreType": {
+                        "type": "number"
+                      },
+                      "lowSeverityType": {
+                        "type": "string"
+                      },
+                      "mediumScoreType": {
+                        "type": "number"
+                      },
+                      "mediumSeverityType": {
+                        "const": "string"
+                      },
+                      "modifiedAttackComplexityType": {
+                        "type": "string"
+                      },
+                      "modifiedAttackRequirementsType": {
+                        "type": "string"
+                      },
+                      "modifiedAttackVectorType": {
+                        "type": "string"
+                      },
+                      "modifiedPrivilegesRequiredType": {
+                        "type": "string"
+                      },
+                      "modifiedSubCType": {
+                        "type": "string"
+                      },
+                      "modifiedSubIaType": {
+                        "type": "string"
+                      },
+                      "modifiedUserInteractionType": {
+                        "type": "string"
+                      },
+                      "modifiedVulnCiaType": {
+                        "type": "string"
+                      },
+                      "noneScoreType": {
+                        "type": "number"
+                      },
+                      "noneSeverityType": {
+                        "const": "string"
+                      },
+                      "privilegesRequiredType": {
+                        "type": "string"
+                      },
+                      "providerUrgencyType": {
+                        "type": "string"
+                      },
+                      "recoveryType": {
+                        "type": "string"
+                      },
+                      "safetyType": {
+                        "type": "string"
+                      },
+                      "scoreType": {
+                        "type": "number"
+                      },
+                      "severityType": {
+                        "type": "string"
+                      },
+                      "subCiaType": {
+                        "type": "string"
+                      },
+                      "userInteractionType": {
+                        "type": "string"
+                      },
+                      "valueDensityType": {
+                        "type": "string"
+                      },
+                      "vulnCiaType": {
+                        "type": "string"
+                      },
+                      "vulnerabilityResponseEffortType": {
+                        "type": "string"
+                      }
+                    },
+                    "properties": {
+                      "Automatable": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType"
+                      },
+                      "Recovery": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType"
+                      },
+                      "Safety": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType"
+                      },
+                      "attackComplexity": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType"
+                      },
+                      "attackRequirements": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType"
+                      },
+                      "attackVector": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType"
+                      },
+                      "availabilityRequirement": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"
+                      },
+                      "baseScore": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType"
+                      },
+                      "baseSeverity": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType"
+                      },
+                      "confidentialityRequirement": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"
+                      },
+                      "exploitMaturity": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType"
+                      },
+                      "integrityRequirement": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"
+                      },
+                      "modifiedAttackComplexity": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType"
+                      },
+                      "modifiedAttackRequirements": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType"
+                      },
+                      "modifiedAttackVector": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType"
+                      },
+                      "modifiedPrivilegesRequired": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType"
+                      },
+                      "modifiedSubAvailabilityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType"
+                      },
+                      "modifiedSubConfidentialityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType"
+                      },
+                      "modifiedSubIntegrityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType"
+                      },
+                      "modifiedUserInteraction": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType"
+                      },
+                      "modifiedVulnAvailabilityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"
+                      },
+                      "modifiedVulnConfidentialityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"
+                      },
+                      "modifiedVulnIntegrityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"
+                      },
+                      "privilegesRequired": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType"
+                      },
+                      "providerUrgency": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType"
+                      },
+                      "subAvailabilityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"
+                      },
+                      "subConfidentialityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"
+                      },
+                      "subIntegrityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"
+                      },
+                      "userInteraction": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType"
+                      },
+                      "valueDensity": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType"
+                      },
+                      "vectorString": {
+                        "type": "string"
+                      },
+                      "version": {
+                        "description": "CVSS Version",
+                        "enum": [
+                          "4.0"
+                        ],
+                        "type": "string"
+                      },
+                      "vulnAvailabilityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"
+                      },
+                      "vulnConfidentialityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"
+                      },
+                      "vulnIntegrityImpact": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"
+                      },
+                      "vulnerabilityResponseEffort": {
+                        "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType"
+                      }
+                    },
+                    "required": [
+                      "version",
+                      "vectorString",
+                      "baseScore",
+                      "baseSeverity"
+                    ],
+                    "title": "JSON Schema for Common Vulnerability Scoring System version 4.0",
+                    "type": "object"
+                  },
                   "cvssV3_1": {
                     "$schema": "http://json-schema.org/draft-07/schema#",
                     "type": "object",