[backend] Finding name is incomplete when location.path is missing

  1. Vulnerability column of Security tab shows incomplete information when the field location.path is blank.

Screenshot_2022-12-08_at_1.12.52_PM

  1. The details in Vulnerability tab are filled as per the following precedence:
identifier = identifiers.find(&:cve?) || identifiers.find(&:cwe?) || identifiers.first

ref here

As a part of this issue, we can document the behaviour and discuss if fixing incomplete information on UI is required.

Details

Copied from a slack thread

Location field in schema is allowed blank so if it’s blank it shows the incomplete message like CWE in which we can change to make it more user readable. In our code we have this logic: (...) Meaning if Location.path is empty like this:

      "location": {
        "hostname": "http://auth-auto:8090",
        "method": "",
        "param": "",
        "path": ""
      },

then it generates incomplete message like CWE in

Edited by Thiago Figueiró