From 80f320222240a1f47ee2c7cf8f637d57c56f0dab Mon Sep 17 00:00:00 2001 From: "Daigneau, Jeremy T" Date: Fri, 5 Jan 2024 10:08:10 -0500 Subject: [PATCH 1/7] #1158 added isString validation to dateValidator --- src/controller/cve.controller/cve.middleware.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/controller/cve.controller/cve.middleware.js b/src/controller/cve.controller/cve.middleware.js index 7aa6a2954..62309b8ce 100644 --- a/src/controller/cve.controller/cve.middleware.js +++ b/src/controller/cve.controller/cve.middleware.js @@ -156,7 +156,7 @@ function validateCveCnaContainerJsonSchema (req, res, next) { */ function validateDatePublic (dateIndex) { // Check if datePublic is a future date - return body(dateIndex).optional({ nullable: true }).custom((datePublic) => { + return body(dateIndex).isString().withMessage('DatePublic must be a date string').optional({ nullable: true }).bail().custom((datePublic) => { if (datePublicHelper(datePublic)) { return true } From c8d950803fc53edbc0130a196f7b170060102142 Mon Sep 17 00:00:00 2001 From: "Daigneau, Jeremy T" Date: Fri, 5 Jan 2024 10:41:54 -0500 Subject: [PATCH 2/7] updated test db cve-id-range --- datadump/pre-population/cve-ids-range.json | 644 +++++++++++---------- 1 file changed, 329 insertions(+), 315 deletions(-) diff --git a/datadump/pre-population/cve-ids-range.json b/datadump/pre-population/cve-ids-range.json index 5e82185b1..ed66b3ece 100644 --- a/datadump/pre-population/cve-ids-range.json +++ b/datadump/pre-population/cve-ids-range.json @@ -1,363 +1,363 @@ [ { - "cve_year": 1999, - "ranges": { - "priority": { - "top_id": 5000, - "start": 5000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 1999, + "ranges": { + "priority": { + "top_id": 5000, + "start": 5000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2000, - "ranges": { - "priority": { - "top_id": 5000, - "start": 5000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2000, + "ranges": { + "priority": { + "top_id": 5000, + "start": 5000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2001, - "ranges": { - "priority": { - "top_id": 5000, - "start": 5000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2001, + "ranges": { + "priority": { + "top_id": 5000, + "start": 5000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2002, - "ranges": { - "priority": { - "top_id": 5000, - "start": 5000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2002, + "ranges": { + "priority": { + "top_id": 5000, + "start": 5000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2003, - "ranges": { - "priority": { - "top_id": 5000, - "start": 5000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2003, + "ranges": { + "priority": { + "top_id": 5000, + "start": 5000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2004, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2004, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2005, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2005, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2006, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2006, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2007, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2007, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2008, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2008, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2009, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2009, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2010, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2010, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2011, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2011, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2012, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2012, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2013, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2013, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2014, - "ranges": { - "priority": { - "top_id": 125000, - "start": 125000, - "end": 125000 - }, - "general": { - "top_id": 125000, - "start": 125000, - "end": 450000 - } - } + "cve_year": 2014, + "ranges": { + "priority": { + "top_id": 125000, + "start": 125000, + "end": 125000 + }, + "general": { + "top_id": 125000, + "start": 125000, + "end": 450000 + } + } }, { - "cve_year": 2015, - "ranges": { - "priority": { - "top_id": 10000, - "start": 10000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 999999 - } - } + "cve_year": 2015, + "ranges": { + "priority": { + "top_id": 10000, + "start": 10000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 999999 + } + } }, { - "cve_year": 2016, - "ranges": { - "priority": { - "top_id": 15000, - "start": 15000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 550000 - } - } + "cve_year": 2016, + "ranges": { + "priority": { + "top_id": 15000, + "start": 15000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 550000 + } + } }, { - "cve_year": 2017, - "ranges": { - "priority": { - "top_id": 20000, - "start": 20000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 999999 - } - } + "cve_year": 2017, + "ranges": { + "priority": { + "top_id": 20000, + "start": 20000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 999999 + } + } }, { - "cve_year": 2018, - "ranges": { - "priority": { - "top_id": 25000, - "start": 25000, - "end": 25000 - }, - "general": { - "top_id": 25000, - "start": 25000, - "end": 550000 - } - } + "cve_year": 2018, + "ranges": { + "priority": { + "top_id": 25000, + "start": 25000, + "end": 25000 + }, + "general": { + "top_id": 25000, + "start": 25000, + "end": 550000 + } + } }, { - "cve_year": 2019, - "ranges": { - "priority": { - "top_id": 25000, - "start": 25000, - "end": 25000 - }, - "general": { - "top_id": 25000, - "start": 25000, - "end": 999999 - } - } + "cve_year": 2019, + "ranges": { + "priority": { + "top_id": 25000, + "start": 25000, + "end": 25000 + }, + "general": { + "top_id": 25000, + "start": 25000, + "end": 999999 + } + } }, { - "cve_year": 2020, - "ranges": { - "priority": { - "top_id": 35000, - "start": 35000, - "end": 35000 - }, - "general": { - "top_id": 35000, - "start": 35000, - "end": 50000000 - } - } + "cve_year": 2020, + "ranges": { + "priority": { + "top_id": 35000, + "start": 35000, + "end": 35000 + }, + "general": { + "top_id": 35000, + "start": 35000, + "end": 50000000 + } + } }, { - "cve_year": 2021, - "ranges": { - "priority": { - "top_id": 3000, - "start": 3000, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2021, + "ranges": { + "priority": { + "top_id": 3000, + "start": 3000, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { - "cve_year": 2022, - "ranges": { - "priority": { - "top_id": 0, - "start": 0, - "end": 20000 - }, - "general": { - "top_id": 20000, - "start": 20000, - "end": 50000000 - } - } + "cve_year": 2022, + "ranges": { + "priority": { + "top_id": 0, + "start": 0, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } }, { "cve_year": 2023, @@ -373,6 +373,20 @@ "end": 50000000 } } - } - ] - \ No newline at end of file + }, + { + "cve_year": 2024, + "ranges": { + "priority": { + "top_id": 0, + "start": 0, + "end": 20000 + }, + "general": { + "top_id": 20000, + "start": 20000, + "end": 50000000 + } + } + } +] \ No newline at end of file From 97137362b4d1866ca29456aca5a3fc3c44402f89 Mon Sep 17 00:00:00 2001 From: david-rocca Date: Fri, 5 Jan 2024 12:33:19 -0500 Subject: [PATCH 3/7] #1157 Fixed bug where character length was being enforced on body and not query --- src/controller/org.controller/index.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/controller/org.controller/index.js b/src/controller/org.controller/index.js index 1c94e1b52..c47c2949f 100644 --- a/src/controller/org.controller/index.js +++ b/src/controller/org.controller/index.js @@ -726,10 +726,10 @@ router.put('/org/:shortname/user/:username', query(['active']).optional().isBoolean({ loose: true }), query(['new_username']).optional().isString().trim().notEmpty().custom(isValidUsername), query(['org_short_name']).optional().isString().trim().notEmpty().isLength({ min: CONSTANTS.MIN_SHORTNAME_LENGTH, max: CONSTANTS.MAX_SHORTNAME_LENGTH }), - body(['name.first']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_FIRSTNAME_LENGTH }).withMessage(errorMsgs.FIRSTNAME_LENGTH), - body(['name.last']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_LASTNAME_LENGTH }).withMessage(errorMsgs.LASTNAME_LENGTH), - body(['name.middle']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_MIDDLENAME_LENGTH }).withMessage(errorMsgs.MIDDLENAME_LENGTH), - body(['name.suffix']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_SUFFIX_LENGTH }).withMessage(errorMsgs.SUFFIX_LENGTH), + query(['name.first']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_FIRSTNAME_LENGTH }).withMessage(errorMsgs.FIRSTNAME_LENGTH), + query(['name.last']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_LASTNAME_LENGTH }).withMessage(errorMsgs.LASTNAME_LENGTH), + query(['name.middle']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_MIDDLENAME_LENGTH }).withMessage(errorMsgs.MIDDLENAME_LENGTH), + query(['name.suffix']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_SUFFIX_LENGTH }).withMessage(errorMsgs.SUFFIX_LENGTH), query(['active_roles.add']).optional().toArray() .custom(isFlatStringArray) .customSanitizer(toUpperCaseArray) From e94f13162290301601eb683377376ef63954f312 Mon Sep 17 00:00:00 2001 From: david-rocca Date: Fri, 5 Jan 2024 12:33:55 -0500 Subject: [PATCH 4/7] #1157 Added correct PUT tests to check the query parameters. --- test/integration-tests/user/updateUserTest.js | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/test/integration-tests/user/updateUserTest.js b/test/integration-tests/user/updateUserTest.js index f25d55f70..493a1be08 100644 --- a/test/integration-tests/user/updateUserTest.js +++ b/test/integration-tests/user/updateUserTest.js @@ -29,5 +29,41 @@ describe('Testing Edit user endpoint', () => { expect(res.body.error).to.contain('NOT_ORG_ADMIN_OR_SECRETARIAT_UPDATE') }) }) + it('Should not allow a first name of more than 100 characters', async () => { + await chai.request(app) + .put('/api/org/win_5/user/jasminesmith@win_5.com?name.first=1:1234567,2:1234567,3:1234567,4:1234567,5:1234567,6:1234567,7:1234567,8:1234567,9:1234567,10:1234567,11:1234567') + .set(constants.nonSecretariatUserHeaders) + .then((res, err) => { + expect(res).to.have.status(400) + expect(res.body.error).to.contain('BAD_INPUT') + }) + }) + it('Should not allow a middle name of more than 100 characters', async () => { + await chai.request(app) + .put('/api/org/win_5/user/jasminesmith@win_5.com?name.middle=1:1234567,2:1234567,3:1234567,4:1234567,5:1234567,6:1234567,7:1234567,8:1234567,9:1234567,10:1234567,11:1234567') + .set(constants.nonSecretariatUserHeaders) + .then((res, err) => { + expect(res).to.have.status(400) + expect(res.body.error).to.contain('BAD_INPUT') + }) + }) + it('Should not allow a last name of more than 100 characters', async () => { + await chai.request(app) + .put('/api/org/win_5/user/jasminesmith@win_5.com?name.last=1:1234567,2:1234567,3:1234567,4:1234567,5:1234567,6:1234567,7:1234567,8:1234567,9:1234567,10:1234567,11:1234567') + .set(constants.nonSecretariatUserHeaders) + .then((res, err) => { + expect(res).to.have.status(400) + expect(res.body.error).to.contain('BAD_INPUT') + }) + }) + it('Should not allow a suffix of more than 100 characters', async () => { + await chai.request(app) + .put('/api/org/win_5/user/jasminesmith@win_5.com?name.suffix=1:1234567,2:1234567,3:1234567,4:1234567,5:1234567,6:1234567,7:1234567,8:1234567,9:1234567,10:1234567,11:1234567') + .set(constants.nonSecretariatUserHeaders) + .then((res, err) => { + expect(res).to.have.status(400) + expect(res.body.error).to.contain('BAD_INPUT') + }) + }) }) }) From 11282ebbd3f16184b695cac36e1995f66e4080fd Mon Sep 17 00:00:00 2001 From: "Daigneau, Jeremy T" Date: Fri, 5 Jan 2024 14:55:19 -0500 Subject: [PATCH 5/7] #1159 added bail() to break out of user creation validation chain --- src/controller/org.controller/index.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/controller/org.controller/index.js b/src/controller/org.controller/index.js index c47c2949f..15a160a62 100644 --- a/src/controller/org.controller/index.js +++ b/src/controller/org.controller/index.js @@ -558,6 +558,7 @@ router.post('/org/:shortname/user', body(['name.suffix']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_SUFFIX_LENGTH }).withMessage(errorMsgs.SUFFIX_LENGTH), body(['authority.active_roles']).optional() .custom(mw.isFlatStringArray) + .bail() .customSanitizer(toUpperCaseArray) .custom(isUserRole), parseError, @@ -732,6 +733,7 @@ router.put('/org/:shortname/user/:username', query(['name.suffix']).optional().isString().trim().isLength({ max: CONSTANTS.MAX_SUFFIX_LENGTH }).withMessage(errorMsgs.SUFFIX_LENGTH), query(['active_roles.add']).optional().toArray() .custom(isFlatStringArray) + .bail() .customSanitizer(toUpperCaseArray) .custom(isUserRole).withMessage(errorMsgs.USER_ROLES), query(['active_roles.remove']).optional().toArray() From bf840fbe8265aa3f4b9e9710afa601cbd9c91aac Mon Sep 17 00:00:00 2001 From: david-rocca Date: Mon, 8 Jan 2024 12:51:01 -0500 Subject: [PATCH 6/7] #1164 Fix typeo...that has been there for two years --- schemas/cve/create-full-cve-record-request.json | 2 +- schemas/cve/get-cve-record-response.json | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/schemas/cve/create-full-cve-record-request.json b/schemas/cve/create-full-cve-record-request.json index c7cfe0b7c..7d1122e5e 100644 --- a/schemas/cve/create-full-cve-record-request.json +++ b/schemas/cve/create-full-cve-record-request.json @@ -200,7 +200,7 @@ "dataType": { "type": "string" }, - "dateVersion": { + "dataVersion": { "type": "string" } } diff --git a/schemas/cve/get-cve-record-response.json b/schemas/cve/get-cve-record-response.json index 8891b759e..74f0ecef8 100644 --- a/schemas/cve/get-cve-record-response.json +++ b/schemas/cve/get-cve-record-response.json @@ -134,8 +134,8 @@ "dataType": { "type": "string" }, - "dateVersion": { - "type": "integer" + "dataVersion": { + "type": "string" } } } \ No newline at end of file From 0f3d6150ca54799d2d00e51a5b23d676d95e1018 Mon Sep 17 00:00:00 2001 From: "Daigneau, Jeremy T" Date: Wed, 10 Jan 2024 10:22:33 -0500 Subject: [PATCH 7/7] Removed calls to validateDatePublic --- src/controller/cve.controller/cve.middleware.js | 2 ++ src/controller/cve.controller/index.js | 7 +------ 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/src/controller/cve.controller/cve.middleware.js b/src/controller/cve.controller/cve.middleware.js index 62309b8ce..d1aabf80b 100644 --- a/src/controller/cve.controller/cve.middleware.js +++ b/src/controller/cve.controller/cve.middleware.js @@ -149,6 +149,8 @@ function validateCveCnaContainerJsonSchema (req, res, next) { /** * Checks that datePublic field is not a future date + * Note: As of 01/10/24, this is not utilized. Further discussion is needed to agree on an + * implementation that will be less disruptive but still prevents invalid data. * * @param {String} dateIndex * @returns true diff --git a/src/controller/cve.controller/index.js b/src/controller/cve.controller/index.js index a2a9cb95a..307d0bfff 100644 --- a/src/controller/cve.controller/index.js +++ b/src/controller/cve.controller/index.js @@ -4,7 +4,7 @@ const mw = require('../../middleware/middleware') const errorMsgs = require('../../middleware/errorMessages') const controller = require('./cve.controller') const { body, param, query } = require('express-validator') -const { parseGetParams, parsePostParams, parseError, validateCveCnaContainerJsonSchema, validateCveAdpContainerJsonSchema, validateRejectBody, validateUniqueEnglishEntry, validateDescription, validateDatePublic } = require('./cve.middleware') +const { parseGetParams, parsePostParams, parseError, validateCveCnaContainerJsonSchema, validateCveAdpContainerJsonSchema, validateRejectBody, validateUniqueEnglishEntry, validateDescription } = require('./cve.middleware') const getConstants = require('../../constants').getConstants const CONSTANTS = getConstants() const CHOICES = [CONSTANTS.CVE_STATES.REJECTED, CONSTANTS.CVE_STATES.PUBLISHED] @@ -442,7 +442,6 @@ router.post('/cve/:id', // the lang key to check depends on the state, so pass both validateUniqueEnglishEntry(['containers.cna.descriptions', 'containers.cna.rejectedReasons']), validateDescription(['containers.cna.rejectedReasons', 'containers.cna.descriptions', 'containers.cna.problemTypes[0].descriptions']), - validateDatePublic(['containers.cna.datePublic']), param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX), parseError, parsePostParams, @@ -527,7 +526,6 @@ router.put('/cve/:id', // the lang key to check depends on the state, so pass both validateUniqueEnglishEntry(['containers.cna.descriptions', 'containers.cna.rejectedReasons']), validateDescription(['containers.cna.rejectedReasons', 'containers.cna.descriptions', 'containers.cna.problemTypes[0].descriptions']), - validateDatePublic(['containers.cna.datePublic']), param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX), parseError, parsePostParams, @@ -613,7 +611,6 @@ router.post('/cve/:id/cna', validateCveCnaContainerJsonSchema, validateUniqueEnglishEntry('cnaContainer.descriptions'), validateDescription(['cnaContainer.descriptions', 'cnaContainer.problemTypes[0].descriptions']), - validateDatePublic(['cnaContainer.datePublic']), param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX), parseError, parsePostParams, @@ -700,7 +697,6 @@ router.put('/cve/:id/cna', validateCveCnaContainerJsonSchema, validateUniqueEnglishEntry('cnaContainer.descriptions'), validateDescription(['cnaContainer.descriptions', 'cnaContainer.problemTypes[0].descriptions']), - validateDatePublic(['cnaContainer.datePublic']), param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX), parseError, parsePostParams, @@ -959,7 +955,6 @@ router.put('/cve/:id/adp', mw.validateUser, mw.onlyAdps, validateCveAdpContainerJsonSchema, - validateDatePublic(['adpContainer.datePublic']), param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX), parseError, parsePostParams,