From 83834e3f7f0abe7d93d1448aa9bf7ecfe79ae2a0 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Mon, 30 Jan 2023 08:48:17 +0100
Subject: [PATCH 01/10] Global Audit View: Vulnerabilities

Adds a new view in the sidebar, Vulnerability Audit, which either shows
every finding by occurrence or every finding grouped by vulnerability
(both are filtered by ACL and other optional filters).
Makes it possible to easily audit every finding of one's projects in one
place.

`VIEW_VULNERABILITY` permission is required to access the view.

Signed-off-by: RBickert <rbt@mm-software.com>
---
 src/containers/DefaultContainer.vue           |  18 +-
 src/i18n/locales/en.json                      |  15 +-
 src/router/index.js                           |  13 +
 src/shared/utils.js                           |   2 +-
 src/views/globalAudit/VulnerabilityAudit.vue  |  62 +++
 .../VulnerabilityAuditByOccurrence.vue        | 437 ++++++++++++++++++
 ...lnerabilityAuditGroupedByVulnerability.vue | 383 +++++++++++++++
 7 files changed, 927 insertions(+), 3 deletions(-)
 create mode 100644 src/views/globalAudit/VulnerabilityAudit.vue
 create mode 100644 src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
 create mode 100644 src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue

diff --git a/src/containers/DefaultContainer.vue b/src/containers/DefaultContainer.vue
index d89bacd8a..2c497315b 100644
--- a/src/containers/DefaultContainer.vue
+++ b/src/containers/DefaultContainer.vue
@@ -114,7 +114,23 @@
           url: '/admin',
           icon: 'fa fa-cogs',
           permission: permissions.SYSTEM_CONFIGURATION
-        }
+        },
+        {
+          title: true,
+          name: this.$t('message.global_audit'),
+          class: '',
+          wrapper: {
+            element: '',
+            attributes: {}
+          },
+          permission: permissions.VIEW_VULNERABILITY
+        },
+        {
+          name: this.$t('message.vulnerability_audit'),
+          url: '/vulnerabilityAudit',
+          icon: 'fa fa-tasks',
+          permission: permissions.VIEW_VULNERABILITY
+        },
       ]
       }
     },
diff --git a/src/i18n/locales/en.json b/src/i18n/locales/en.json
index 3a0a08058..b3254ad1b 100644
--- a/src/i18n/locales/en.json
+++ b/src/i18n/locales/en.json
@@ -76,6 +76,8 @@
     "last_bom_import": "Last BOM Import",
     "overview": "Overview",
     "audit": "Audit",
+    "global_audit": "Global Audit",
+    "vulnerability_audit": "Vulnerability Audit",
     "audit_vulnerabilities": "Audit Vulnerabilities",
     "policy_violations": "Policy Violations",
     "policy_violations_by_classification": "Policy Violations by Classification",
@@ -128,6 +130,8 @@
     "project_cloning_in_progress": "The project is being created with the cloning options specified",
     "vulnerability": "Vulnerability",
     "analysis": "Analysis",
+    "analysis_status": "Analysis Status",
+    "analysis_state": "Analysis State",
     "analysis_tooltip": "The current state of an occurrence of a vulnerability",
     "justification": "Justification",
     "justification_tooltip": "The rationale of why the impact analysis state was asserted to be \"Not Affected\"",
@@ -210,6 +214,7 @@
     "rollback": "Rollback",
     "workaround_available": "Workaround available",
     "response": "Vendor Response (project)",
+    "vendor_response": "Vendor Response",
     "response_tooltip": "A response to the vulnerability by the manufacturer, supplier, or project responsible for the affected component or service",
     "analysis_details_tooltip": "Details (explanation, workaround details, and other impact information)",
     "updated": "Updated",
@@ -511,7 +516,15 @@
     "show_complete_graph": "Show complete graph",
     "not_found_in_dependency_graph": "Dependency could not be found in dependency graph",
     "reindex": "Rebuild index(es)",
-    "show_update_information": "Highlight outdated components"
+    "show_update_information": "Highlight outdated components",
+    "filters": "Filters",
+    "clear_all": "Clear all",
+    "text_search": "Text Search",
+    "from": "From",
+    "to": "To",
+    "vulnerabilities_by_occurrence": "Vulnerabilities By Occurrence",
+    "grouped_vulnerabilities": "Grouped Vulnerabilities",
+    "occurrences_in_projects": "Occurrences in projects"
   },
   "admin": {
     "configuration": "Configuration",
diff --git a/src/router/index.js b/src/router/index.js
index 945d67bec..d016ff937 100644
--- a/src/router/index.js
+++ b/src/router/index.js
@@ -13,6 +13,7 @@ const Dashboard = () => import('@/views/Dashboard');
 const ProjectList = () => import('@/views/portfolio/projects/ProjectList');
 const ComponentSearch = () => import('@/views/portfolio/components/ComponentSearch');
 const VulnerabilityList = () => import('@/views/portfolio/vulnerabilities/VulnerabilityList');
+const VulnerabilityAudit = () => import('@/views/globalAudit/VulnerabilityAudit');
 const LicenseList = () => import('@/views/portfolio/licenses/LicenseList');
 const PolicyManagement = () => import('@/views/policy/PolicyManagement');
 const Project = () => import('@/views/portfolio/projects/Project');
@@ -592,6 +593,18 @@ function configRoutes() {
             }
           ]
         },
+        {
+          path: 'vulnerabilityAudit',
+          name: 'Vulnerability Audit',
+          alias: ['vulnerabilityAudit/occurrences', 'vulnerabilityAudit/grouped'],
+          component: VulnerabilityAudit,
+          meta: {
+            title: i18n.t('message.vulnerability_audit'),
+            i18n: 'message.vulnerability_audit',
+            sectionPath: '/globalAudit',
+            permission: 'VIEW_VULNERABILITY'
+          }
+        },
         // The following route redirects URLs from legacy Dependency-Track UI to new URL format.
         {
           // Old: http://host/project/?uuid=3a38aedf-e9e9-4e0a-8913-2d99951aa76d
diff --git a/src/shared/utils.js b/src/shared/utils.js
index 7b86e33cf..dff674396 100644
--- a/src/shared/utils.js
+++ b/src/shared/utils.js
@@ -37,7 +37,7 @@ export function getRedirectUrl(router) {
 // An array of acceptable root context paths defined in the UI.
 const acceptableRootContextPaths = [
     '/dashboard', '/projects', '/components', '/services', '/vulnerabilities', '/licenses', '/policy', '/admin',
-    '/project', '/component', '/vulnerability', '/license', '/login', '/change-password'
+    '/project', '/component', '/vulnerability', '/license', '/vulnerabilityAudit', '/login', '/change-password'
 ];
 
 /**
diff --git a/src/views/globalAudit/VulnerabilityAudit.vue b/src/views/globalAudit/VulnerabilityAudit.vue
new file mode 100644
index 000000000..e34c2e1d4
--- /dev/null
+++ b/src/views/globalAudit/VulnerabilityAudit.vue
@@ -0,0 +1,62 @@
+<template>
+  <div class="animated fadeIn" v-model="tabIndex" v-permission="'VIEW_VULNERABILITY'">
+    <b-tabs class="body-bg-color" style="border-left: 0; border-right:0; border-top:0 ">
+      <b-tab ref="occurrences" style="border-left: 0; border-right:0; border-top:0 " @click="routeTo()" :active="tabIndex === 0" :lazy="!visitedTabs.has(0)">
+        <template v-slot:title><i class="fa fa-shield"></i> {{ $t('message.vulnerabilities_by_occurrence') }}</template>
+        <VulnerabilityAuditByOccurrence />
+      </b-tab>
+      <b-tab ref="grouped" style="border-left: 0; border-right:0; border-top:0 " @click="routeTo('grouped')" :active="tabIndex === 1" :lazy="!visitedTabs.has(1)">
+        <template v-slot:title><i class="fa fa-shield"></i> {{ $t('message.grouped_vulnerabilities') }}</template>
+        <VulnerabilityAuditGroupedByVulnerability />
+      </b-tab>
+    </b-tabs>
+  </div>
+</template>
+
+<script>
+import permissionsMixin from "@/mixins/permissionsMixin";
+import VulnerabilityAuditGroupedByVulnerability from "@/views/globalAudit/VulnerabilityAuditGroupedByVulnerability";
+import VulnerabilityAuditByOccurrence from "@/views/globalAudit/VulnerabilityAuditByOccurrence";
+
+export default {
+  mixins: [permissionsMixin],
+  components: {
+    VulnerabilityAuditByOccurrence,
+    VulnerabilityAuditGroupedByVulnerability,
+  },
+  methods: {
+    routeTo(path) {
+      if (path) {
+        this.visitedTabs.add(path === 'grouped' ? 1 : 0);
+        if (!this.$route.fullPath.toLowerCase().includes('/' + path.toLowerCase())) {
+          this.$router.push({path: '/vulnerabilityAudit/' + path});
+        }
+      } else if (this.$route.fullPath !== '/audit' && this.$route.fullPath !== '/vulnerabilityAudit/') {
+        this.visitedTabs.add(0)
+        this.$router.push({path: '/vulnerabilityAudit/'});
+      }
+    },
+    getTabFromRoute: function () {
+      let pattern = new RegExp("/vulnerabilityAudit\\/([^\\/]*)", "gi");
+      let tab = pattern.exec(this.$route.fullPath.toLowerCase());
+      (tab && tab[1] && tab[1].toLowerCase() === 'grouped') ? this.tabIndex = 1 : this.tabIndex = 0;
+      return this.$refs[(tab && tab[1]) ? tab[1].toLowerCase() : 'occurrences']
+    }
+  },
+  beforeMount() {
+    this.getTabFromRoute();
+    this.visitedTabs.add(this.tabIndex);
+  },
+  watch:{
+    $route (to, from){
+      this.getTabFromRoute().activate();
+    }
+  },
+  data() {
+    return {
+      tabIndex: 0,
+      visitedTabs: new Set()
+    }
+  },
+};
+</script>
diff --git a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
new file mode 100644
index 000000000..ced15cac4
--- /dev/null
+++ b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
@@ -0,0 +1,437 @@
+<template>
+  <div>
+    <b-row>
+      <b-col xs="6" sm="4" md="4" lg="2" id="filter-controls">
+        <div>
+          <h3 style="display: inline">{{ this.$t('message.filters') }}</h3><b-button size="md" variant="outline-primary" style="float: right" @click="clearAllFilters()">
+          {{ this.$t('message.clear_all') }}</b-button>
+          <br><br>
+          <b-form-group id="showInactive-form-group" :label="this.$t('message.projects')">
+            <b-form-checkbox
+              id="showInactive-form-checkbox"
+              v-model="showInactive"
+              value="true"
+              unchecked-value="false">
+              {{ this.$t('message.show_inactive_projects') }}
+            </b-form-checkbox>
+          </b-form-group>
+          <b-form-group id="showSuppressed-form-group" :label="this.$t('message.analysis_status')">
+            <b-form-checkbox
+              id="showSuppressed-form-checkbox"
+              v-model="showSuppressed"
+              value="true"
+              unchecked-value="false">
+              {{ this.$t('message.show_suppressed_findings') }}
+            </b-form-checkbox>
+          </b-form-group>
+          <b-form-group id="severity-form-group" :label="this.$t('message.severity')">
+            <b-form-checkbox-group
+              id="severity-form-checkbox-group"
+              v-model="severitySelected"
+              :options="severityOptions"
+              stacked>
+            </b-form-checkbox-group>
+          </b-form-group>
+          <b-form-group id="analysis-status-form-group" :label="this.$t('message.analysis_state')">
+            <b-form-checkbox-group
+              id="analysis-status-form-checkbox-group"
+              v-model="analysisStatusSelected"
+              :options="analysisStatusOptions"
+              stacked>
+            </b-form-checkbox-group>
+          </b-form-group>
+          <b-form-group id="vendor-response-form-group" :label="this.$t('message.vendor_response')">
+            <b-form-checkbox-group
+              id="vendor-response-form-checkbox-group"
+              v-model="vendorResponseSelected"
+              :options="vendorResponseOptions"
+              stacked>
+            </b-form-checkbox-group>
+          </b-form-group>
+          <b-form-group id="publish-date-form-group" :label="this.$t('message.published')">
+            <b-datepicker id="publish-date-datepicker-from" v-model="publishDateFrom" :max="publishDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
+            <b-datepicker id="publish-date-datepicker-to" v-model="publishDateTo" :min="publishDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
+          </b-form-group>
+          <b-form-group id="attributed-on-date-form-group" :label="this.$t('message.attributed_on')">
+            <b-datepicker id="attributed-on-datepicker-from" v-model="attributedOnDateFrom" :max="attributedOnDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
+            <b-datepicker id="attributed-on-datepicker-to" v-model="attributedOnDateTo" :min="attributedOnDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
+          </b-form-group>
+          <b-form-group id="text-search-form-group" :label="this.$t('message.text_search')">
+            <b-form-input id="text-search-form-input" v-model="textSearchInput" debounce="750" :placeholder="this.$t('message.search')"></b-form-input>
+            Search in:
+            <b-form-checkbox-group
+              id="text-search-form-checkbox-group"
+              v-model="textSearchSelected"
+              :options="textSearchOptions"
+              stacked>
+            </b-form-checkbox-group>
+          </b-form-group>
+          <b-form-group id="cvss-form-group" :label="this.$t('message.cvss')">
+            <b-form-row>
+              <b-col><b-form-input id="cvss-from-form-input" v-model="cvssFrom" type="number" min="0" :max="cvssUpperLimit()" step="0.1" debounce="750" :state="cvssFromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+              <b-col><b-form-input id="cvss-to-form-input" v-model="cvssTo" type="number" :min="cvssLowerLimit()" max="10" step="0.1" debounce="750" :state="cvssToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+            </b-form-row>
+          </b-form-group>
+        </div>
+      </b-col>
+      <b-col xs="6" sm="8" md="8" lg="10">
+        <bootstrap-table
+          ref="table"
+          :columns="columns"
+          :data="data"
+          :options="options">
+        </bootstrap-table>
+      </b-col>
+    </b-row>
+  </div>
+</template>
+
+<script>
+import common from "@/shared/common";
+import xssFilters from "xss-filters";
+import $ from "jquery";
+
+  export default {
+    computed: {
+      watchers() {
+        return [this.showInactive, this.showSuppressed, this.severitySelected, this.analysisStatusSelected, this.vendorResponseSelected,
+          this.publishDateFrom, this.publishDateTo, this.attributedOnDateFrom, this.attributedOnDateTo]
+      }
+    },
+    beforeMount() {
+      this.initializeWatchers();
+      this.textSearchSelected = this.textSearchOptions.map(option => option.value);
+    },
+    methods: {
+      initializeWatchers: function () {
+        this.simpleWatcher = this.$watch('watchers', () => this.refreshTable());
+        this.textSearchSelectedWatcher = this.$watch('textSearchSelected', () => {
+          if (this.textSearchInput.trim().length !== 0 ) {
+            this.refreshTable();
+          }
+        });
+        this.textSearchInputWatcher = this.$watch('textSearchInput', (newInput, oldInput) => {
+          if (!(newInput.trim().length === 0 && oldInput.trim().length === 0)) {
+            this.refreshTable();
+          }
+        });
+        this.cvssFromWatcher = this.$watch('cvssFrom', () => {
+          if (this.cvssFromState() !== false) {
+            this.refreshTable();
+          }
+        });
+        this.cvssToWatcher = this.$watch('cvssTo', () => {
+          if (this.cvssToState() !== false) {
+            this.refreshTable();
+          }
+        });
+      },
+      apiUrl: function () {
+        let url = `${this.$api.BASE_URL}/${this.$api.URL_FINDING}`;
+        url += "?showInactive=" + (this.showInactive === "true") + "&showSuppressed=" + (this.showSuppressed === "true");
+        if (this.severitySelected && this.severitySelected.length > 0) {
+          url += "&severity=" + this.severitySelected;
+        }
+        if (this.analysisStatusSelected && this.analysisStatusSelected.length > 0) {
+          url += "&analysisStatus=" + this.analysisStatusSelected;
+        }
+        if (this.vendorResponseSelected && this.vendorResponseSelected.length > 0) {
+          url += "&vendorResponse=" + this.vendorResponseSelected;
+        }
+        if (this.publishDateFrom && this.publishDateFrom.length > 0) {
+          url += "&publishDateFrom=" + this.publishDateFrom;
+        }
+        if (this.publishDateTo && this.publishDateTo.length > 0) {
+          url += "&publishDateTo=" + this.publishDateTo;
+        }
+        if (this.attributedOnDateFrom && this.attributedOnDateFrom.length > 0) {
+          url += "&attributedOnDateFrom=" + this.attributedOnDateFrom;
+        }
+        if (this.attributedOnDateTo && this.attributedOnDateTo.length > 0) {
+          url += "&attributedOnDateTo=" + this.attributedOnDateTo;
+        }
+        if (this.textSearchInput && this.textSearchInput.trim().length > 0) {
+          url += "&textSearchField=" + this.textSearchSelected + "&textSearchInput=" + this.textSearchInput.trim();
+        }
+        if (this.cvssFrom && this.cvssFrom.trim().length > 0) {
+          url += "&cvssFrom=" + this.cvssFrom;
+        }
+        if (this.cvssTo && this.cvssTo.trim().length > 0) {
+          url += "&cvssTo=" + this.cvssTo;
+        }
+        return url;
+      },
+      clearAllFilters: function () {
+        this.simpleWatcher();
+        this.textSearchSelectedWatcher();
+        this.textSearchInputWatcher();
+        this.cvssFromWatcher();
+        this.cvssToWatcher();
+        this.showInactive = false;
+        this.showSuppressed = false;
+        this.severitySelected = [];
+        this.analysisStatusSelected = [];
+        this.vendorResponseSelected = [];
+        this.publishDateFrom = '';
+        this.publishDateTo = '';
+        this.attributedOnDateFrom = '';
+        this.attributedOnDateTo = '';
+        this.textSearchInput = '';
+        this.textSearchSelected = this.textSearchOptions.map(option => option.value);
+        this.cvssFrom = '';
+        this.cvssTo = '';
+        this.refreshTable();
+        this.initializeWatchers();
+      },
+      refreshTable: function() {
+        this.$refs.table.refresh({
+          url: this.apiUrl(),
+          silent: true
+        });
+      },
+      initializeTooltips: function () {
+        $('[data-toggle="tooltip"]').tooltip({
+          trigger: "hover"
+        });
+      },
+      cvssUpperLimit: function () {
+        return this.cvssTo ? this.cvssTo : 10;
+      },
+      cvssLowerLimit: function () {
+        return this.cvssFrom ? this.cvssFrom : 0;
+      },
+      cvssFromState() {
+        return this.cvssFrom ? (!isNaN(this.cvssFrom) && (!this.cvssTo || !isNaN(this.cvssTo) || this.cvssFrom <= this.cvssTo) && this.cvssFrom <= 10 && this.cvssFrom >= 0) : null;
+      },
+      cvssToState() {
+        return this.cvssTo ? (!isNaN(this.cvssTo) && (!this.cvssFrom || !isNaN(this.cvssFrom) || this.cvssTo >= this.cvssFrom) && this.cvssTo <= 10 && this.cvssTo >= 0) : null;
+      }
+    },
+    data() {
+      return {
+        simpleWatcher: null,
+        textSearchSelectedWatcher: null,
+        textSearchInputWatcher: null,
+        cvssFromWatcher: null,
+        cvssToWatcher: null,
+        showInactive: false,
+        showSuppressed: false,
+        severitySelected: [],
+        severityOptions: [
+          { text: 'Critical', value: 'critical' },
+          { text: 'High', value: 'high' },
+          { text: 'Medium', value: 'medium' },
+          { text: 'Low', value: 'low' },
+          { text: 'Unassigned', value: 'unassigned' }
+        ],
+        analysisStatusSelected: [],
+        analysisStatusOptions: [
+          { text: 'Not Set', value: 'NOT_SET' },
+          { text: 'Exploitable', value: 'EXPLOITABLE' },
+          { text: 'In Triage', value: 'IN_TRIAGE' },
+          { text: 'Resolved', value: 'RESOLVED' },
+          { text: 'False Positive', value: 'FALSE_POSITIVE' },
+          { text: 'Not Affected', value: 'NOT_AFFECTED' }
+        ],
+        vendorResponseSelected: [],
+        vendorResponseOptions: [
+          { text: 'Not Set', value: 'NOT_SET' },
+          { text: 'Can not fix', value: 'CAN_NOT_FIX' },
+          { text: 'Will not fix', value: 'WILL_NOT_FIX' },
+          { text: 'Update', value: 'UPDATE' },
+          { text: 'Rollback', value: 'ROLLBACK' },
+          { text: 'Workaround available', value: 'WORKAROUND_AVAILABLE' }
+        ],
+        publishDateFrom: '',
+        publishDateTo: '',
+        attributedOnDateFrom: '',
+        attributedOnDateTo: '',
+        textSearchInput: '',
+        textSearchOptions: [
+          { text: 'Vulnerability ID', value: 'vulnerability_id' },
+          { text: 'Vulnerability Title', value: 'vulnerability_title' },
+          { text: 'Component Name', value: 'component_name' },
+          { text: 'Component Version', value: 'component_version'},
+          { text: 'Project Name', value: 'project_name' }
+        ],
+        textSearchSelected: [],
+        cvssFrom: '',
+        cvssTo: '',
+        columns: [
+          {
+            title: this.$t('message.vulnerability'),
+            field: "vulnerability.vulnId",
+            sortable: true,
+            formatter(value, row, index) {
+              let url = xssFilters.uriInUnQuotedAttr("../vulnerabilities/" + row.vulnerability.source + "/" + value);
+              return common.formatSourceLabel(row.vulnerability.source) + ` <a href="${url}">${xssFilters.inHTMLData(value)}</a>`;
+            }
+          },
+          {
+            title: this.$t('message.title'),
+            field: "vulnerability.title",
+            sortable: true,
+          },
+          {
+            title: this.$t('message.severity'),
+            field: "vulnerability.severity",
+            sortable: true,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                return common.formatSeverityLabel(value);
+              }
+            }
+          },
+          {
+            title: this.$t('message.analyzer'),
+            field: "attribution.analyzerIdentity",
+            sortable: true,
+            formatter(value, row, index) {
+              return common.formatAnalyzerLabel(row.attribution.analyzerIdentity, row.vulnerability.source, row.vulnerability.vulnId,
+                row.attribution.alternateIdentifier, row.attribution.referenceUrl);
+            }
+          },
+          {
+            title: this.$t('message.published'),
+            field: "vulnerability.published",
+            sortable: true,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                return common.formatTimestamp(value);
+              }
+            }
+          },
+          {
+            title: this.$t('message.cwe'),
+            field: "vulnerability.cwes",
+            sortable: false,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                let s = '';
+                for(let i = 0; i < value.length; i++) {
+                  let cwe = value[i];
+                  if (i > 0) {
+                    s += ',&nbsp;&nbsp;&nbsp;'
+                  }
+                  s += `CWE-${cwe.cweId}`
+                }
+                return s;
+              }
+            }
+          },
+          {
+            title: this.$t('message.cvss'),
+            field: "vulnerability.cvssV3BaseScore",
+            sortable: true,
+            formatter(value, row, index) {
+              if (value && typeof value === 'number') {
+                return value.toFixed(1);
+              } else {
+                return null;
+              }
+            },
+          },
+          {
+            title: this.$t('message.project_name'),
+            field: "component.projectName",
+            sortable: true,
+            formatter(value, row, index) {
+              let url = xssFilters.uriInUnQuotedAttr("../projects/" + row.component.project);
+              let name = common.concatenateComponentName(null, row.component.projectName, row.component.projectVersion);
+              return `<a href="${url}">${xssFilters.inHTMLData(name)}</a>`;
+            }
+          },
+          {
+            title: this.$t('message.component'),
+            field: "component.name",
+            sortable: true,
+            formatter: (value, row, index) => {
+              let url = xssFilters.uriInUnQuotedAttr("../../../components/" + row.component.uuid);
+              let dependencyGraphUrl = xssFilters.uriInUnQuotedAttr("../../../projects/" + row.component.project + "/dependencyGraph/" + row.component.uuid)
+              return `<a href="${dependencyGraphUrl}"<i class="fa fa-sitemap" aria-hidden="true" style="float:right; padding-top: 4px; cursor:pointer" data-toggle="tooltip" data-placement="bottom" title="Show in dependency graph"></i></a> ` + `<a href="${url}">${xssFilters.inHTMLData(value)}</a>`;
+            }
+          },
+          {
+            title: this.$t('message.version'),
+            field: "component.version",
+            sortable: true,
+            formatter(value, row, index) {
+              if (Object.prototype.hasOwnProperty.call(row.component, "latestVersion")) {
+                if (row.component.latestVersion !== row.component.version) {
+                  return '<span style="float:right" data-toggle="tooltip" data-placement="bottom" title="Risk: Outdated component. Current version is: '+ xssFilters.inHTMLData(row.component.latestVersion) + '"><i class="fa fa-exclamation-triangle status-warning" aria-hidden="true"></i></span> ' + xssFilters.inHTMLData(row.component.version);
+                } else {
+                  return '<span style="float:right" data-toggle="tooltip" data-placement="bottom" title="Component version is the latest available from the configured repositories"><i class="fa fa-exclamation-triangle status-passed" aria-hidden="true"></i></span> ' + xssFilters.inHTMLData(row.component.version);
+                }
+              } else {
+                return xssFilters.inHTMLData(common.valueWithDefault(value, ""));
+              }
+            }
+          },
+          {
+            title: this.$t('message.analysis'),
+            field: "analysis.state",
+            sortable: true,
+            formatter: common.makeAnalysisStateLabelFormatter(this),
+          },
+          {
+            title: this.$t('message.suppressed'),
+            field: "analysis.isSuppressed",
+            sortable: true,
+            class: "tight",
+            formatter(value, row, index) {
+              return value === true ? '<i class="fa fa-check-square-o" />' : "";
+            },
+          },
+          {
+            title: this.$t('message.attributed_on'),
+            field: "attribution.attributedOn",
+            sortable: true,
+            formatter(value, row, index) {
+              return xssFilters.inHTMLData(common.formatTimestamp(value));
+            }
+          },
+        ],
+        data: [],
+        options: {
+          onPostBody: this.initializeTooltips,
+          search: false,
+          showColumns: true,
+          showRefresh: true,
+          pagination: true,
+          silentSort: false,
+          sidePagination: 'client',
+          queryParamsType: 'pageSize',
+          pageList: '[10, 25, 50, 100]',
+          pageSize: (localStorage && localStorage.getItem("VulnerabilityAuditByOccurrencePageSize") !== null) ? Number(localStorage.getItem("VulnerabilityAuditByOccurrencePageSize")) : 10,
+          sortName: (localStorage && localStorage.getItem("VulnerabilityAuditByOccurrenceSortName") !== null) ? localStorage.getItem("VulnerabilityAuditByOccurrenceSortName") : 'attribution.attributedOn',
+          sortOrder: (localStorage && localStorage.getItem("VulnerabilityAuditByOccurrenceSortOrder") !== null) ? localStorage.getItem("VulnerabilityAuditByOccurrenceSortOrder") : 'desc',
+          icons: {
+            refresh: 'fa-refresh'
+          },
+          toolbar: '#vulnerabilitiesToolbar',
+          responseHandler: function (res, xhr) {
+            res.total = xhr.getResponseHeader("X-Total-Count");
+            return res;
+          },
+          url: this.apiUrl(),
+          onPageChange: ((number, size) => {
+            if (localStorage) {
+              localStorage.setItem("VulnerabilityAuditByOccurrencePageSize", size.toString())
+            }
+          }),
+          onColumnSwitch: ((field, checked) => {
+            if (localStorage) {
+              localStorage.setItem("VulnerabilityAuditByOccurrenceShow"+common.capitalize(field), checked.toString())
+            }
+          }),
+          onSort: ((name, order) => {
+            if (localStorage) {
+              localStorage.setItem("VulnerabilityAuditByOccurrenceSortName", name);
+              localStorage.setItem("VulnerabilityAuditByOccurrenceSortOrder", order);
+            }
+          })
+        }
+      }
+    }
+  };
+</script>
diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
new file mode 100644
index 000000000..7eb31be49
--- /dev/null
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -0,0 +1,383 @@
+<template>
+  <div>
+    <b-row>
+      <b-col xs="6" sm="4" md="4" lg="2" id="filter-controls">
+        <h3 style="display: inline">{{ this.$t('message.filters') }}</h3><b-button size="md" variant="outline-primary" style="float: right" @click="clearAllFilters()">
+        {{ this.$t('message.clear_all') }}</b-button>
+        <br><br>
+        <b-form-group id="showInactive-form-group" :label="this.$t('message.projects')">
+          <b-form-checkbox
+            id="showInactive-form-checkbox"
+            v-model="showInactive"
+            value="true"
+            unchecked-value="false">
+            {{ this.$t('message.show_inactive_projects') }}
+          </b-form-checkbox>
+        </b-form-group>
+        <b-form-group id="severity-form-group" :label="this.$t('message.severity')">
+          <b-form-checkbox-group
+            id="severity-form-checkbox-group"
+            v-model="severitySelected"
+            :options="severityOptions"
+            stacked>
+          </b-form-checkbox-group>
+        </b-form-group>
+        <b-form-group id="publish-date-form-group" :label="this.$t('message.published')">
+          <b-datepicker id="publish-date-datepicker-from" v-model="publishDateFrom" :max="publishDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
+          <b-datepicker id="publish-date-datepicker-to" v-model="publishDateTo" :min="publishDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
+        </b-form-group>
+        <b-form-group id="aggregated-attributed-on-date-form-group" :label="this.$t('message.attributed_on')">
+          <b-datepicker id="aggregated-attributed-on-datepicker-from" v-model="aggregatedAttributedOnDateFrom" :max="aggregatedAttributedOnDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
+          <b-datepicker id="aggregated-attributed-on-datepicker-to" v-model="aggregatedAttributedOnDateTo" :min="aggregatedAttributedOnDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
+        </b-form-group>
+        <b-form-group id="text-search-form-group" :label="this.$t('message.text_search')">
+          <b-form-input id="text-search-form-input" v-model="textSearchInput" debounce="750" :placeholder="this.$t('message.search')"></b-form-input>
+          Search in:
+          <b-form-checkbox-group
+            id="text-search-form-checkbox-group"
+            v-model="textSearchSelected"
+            :options="textSearchOptions"
+            stacked>
+          </b-form-checkbox-group>
+        </b-form-group>
+        <b-form-group id="cvss-form-group" :label="this.$t('message.cvss')">
+          <b-form-row>
+            <b-col><b-form-input id="cvss-from-form-input" v-model="cvssFrom" type="number" min="0" :max="cvssUpperLimit()" step="0.1" debounce="750" :state="cvssFromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+            <b-col><b-form-input id="cvss-to-form-input" v-model="cvssTo" type="number" :min="cvssLowerLimit()" max="10" step="0.1" debounce="750" :state="cvssToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+          </b-form-row>
+        </b-form-group>
+        <b-form-group id="occurrences-form-group" :label="this.$t('message.occurrences_in_projects')">
+          <b-form-row>
+            <b-col><b-form-input id="occurrences-from-form-input" v-model="occurrencesFrom" type="number" min="0" :max="occurrencesUpperLimit()" step="1" debounce="750" :state="occurrencesFromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+            <b-col><b-form-input id="occurrences-to-form-input" v-model="occurrencesTo" type="number" :min="occurrencesLowerLimit()" step="1" debounce="750" :state="occurrencesToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+          </b-form-row>
+        </b-form-group>
+      </b-col>
+      <b-col xs="6" sm="8" md="8" lg="10">
+        <bootstrap-table
+          ref="table"
+          :columns="columns"
+          :data="data"
+          :options="options">
+        </bootstrap-table>
+      </b-col>
+    </b-row>
+  </div>
+</template>
+
+<script>
+import common from "@/shared/common";
+import xssFilters from "xss-filters";
+
+  export default {
+    computed: {
+      watchers() {
+        return [this.showInactive, this.severitySelected, this.publishDateFrom, this.publishDateTo,
+          this.aggregatedAttributedOnDateFrom, this.aggregatedAttributedOnDateTo]
+      }
+    },
+    beforeMount() {
+      this.initializeWatchers();
+      this.textSearchSelected = this.textSearchOptions.map(option => option.value);
+    },
+    methods: {
+      initializeWatchers: function () {
+        this.simpleWatcher = this.$watch('watchers', () => this.refreshTable());
+        this.textSearchSelectedWatcher = this.$watch('textSearchSelected', () => {
+          if (this.textSearchInput.trim().length !== 0 ) {
+            this.refreshTable();
+          }
+        });
+        this.textSearchInputWatcher = this.$watch('textSearchInput', (newInput, oldInput) => {
+          if (!(newInput.trim().length === 0 && oldInput.trim().length === 0)) {
+            this.refreshTable();
+          }
+        });
+        this.cvssFromWatcher = this.$watch('cvssFrom', () => {
+          if (this.cvssFromState() !== false) {
+            this.refreshTable();
+          }
+        });
+        this.cvssToWatcher = this.$watch('cvssTo', () => {
+          if (this.cvssToState() !== false) {
+            this.refreshTable();
+          }
+        });
+        this.occurrencesFromWatcher = this.$watch('occurrencesFrom', () => {
+          if (this.occurrencesFromState() !== false) {
+            this.refreshTable();
+          }
+        });
+        this.occurrencesToWatcher = this.$watch('occurrencesTo', () => {
+          if (this.occurrencesToState() !== false) {
+            this.refreshTable();
+          }
+        });
+      },
+      apiUrl: function () {
+        let url = `${this.$api.BASE_URL}/${this.$api.URL_FINDING}/grouped`;
+        url += "?showInactive=" + (this.showInactive === "true") + "&showSuppressed=" + (this.showSuppressed === "true");
+        if (this.severitySelected && this.severitySelected.length > 0) {
+          url += "&severity=" + this.severitySelected;
+        }
+        if (this.publishDateFrom && this.publishDateFrom.length > 0) {
+          url += "&publishDateFrom=" + this.publishDateFrom;
+        }
+        if (this.publishDateTo && this.publishDateTo.length > 0) {
+          url += "&publishDateTo=" + this.publishDateTo;
+        }
+        if (this.aggregatedAttributedOnDateFrom && this.aggregatedAttributedOnDateFrom.length > 0) {
+          url += "&aggregatedAttributedOnDateFrom=" + this.aggregatedAttributedOnDateFrom;
+        }
+        if (this.aggregatedAttributedOnDateTo && this.aggregatedAttributedOnDateTo.length > 0) {
+          url += "&aggregatedAttributedOnDateTo=" + this.aggregatedAttributedOnDateTo;
+        }
+        if (this.textSearchInput && this.textSearchInput.trim().length > 0) {
+          url += "&textSearchField=" + this.textSearchSelected + "&textSearchInput=" + this.textSearchInput.trim();
+        }
+        if (this.cvssFrom && this.cvssFrom.trim().length > 0) {
+          url += "&cvssFrom=" + this.cvssFrom;
+        }
+        if (this.cvssTo && this.cvssTo.trim().length > 0) {
+          url += "&cvssTo=" + this.cvssTo;
+        }
+        if (this.occurrencesFrom && this.occurrencesFrom.trim().length > 0) {
+          url += "&occurrencesFrom=" + this.occurrencesFrom;
+        }
+        if (this.occurrencesTo && this.occurrencesTo.trim().length > 0) {
+          url += "&occurrencesTo=" + this.occurrencesTo;
+        }
+        return url;
+      },
+      clearAllFilters: function () {
+        this.simpleWatcher();
+        this.textSearchSelectedWatcher();
+        this.textSearchInputWatcher();
+        this.cvssFromWatcher();
+        this.cvssToWatcher();
+        this.occurrencesFromWatcher();
+        this.occurrencesToWatcher();
+        this.showInactive = false;
+        this.severitySelected = [];
+        this.publishDateFrom = '';
+        this.publishDateTo = '';
+        this.aggregatedAttributedOnDateFrom = '';
+        this.aggregatedAttributedOnDateTo = '';
+        this.textSearchInput = '';
+        this.textSearchSelected = this.textSearchOptions.map(option => option.value);
+        this.cvssFrom = '';
+        this.cvssTo = '';
+        this.occurrencesFrom = '';
+        this.occurrencesTo = '';
+        this.refreshTable();
+        this.initializeWatchers();
+      },
+      refreshTable: function() {
+        this.$refs.table.refresh({
+          url: this.apiUrl(),
+          silent: true
+        });
+      },
+      cvssUpperLimit: function () {
+        return this.cvssTo ? this.cvssTo : 10;
+      },
+      cvssLowerLimit: function () {
+        return this.cvssFrom ? this.cvssFrom : 0;
+      },
+      cvssFromState() {
+        return this.cvssFrom ? (!isNaN(this.cvssFrom) && (!this.cvssTo || !isNaN(this.cvssTo) || this.cvssFrom <= this.cvssTo) && this.cvssFrom <= 10) : null;
+      },
+      cvssToState() {
+        return this.cvssTo ? (!isNaN(this.cvssTo) && (!this.cvssFrom || !isNaN(this.cvssFrom) || this.cvssTo >= this.cvssFrom) && this.cvssTo >= 0) : null;
+      },
+      occurrencesUpperLimit: function () {
+        return this.occurrencesTo ? this.occurrencesTo : null;
+      },
+      occurrencesLowerLimit: function () {
+        return this.occurrencesFrom ? this.occurrencesFrom : 0;
+      },
+      occurrencesFromState: function () {
+        return this.occurrencesFrom ? (!isNaN(this.occurrencesFrom) && (!this.occurrencesTo || !isNaN(this.occurrencesTo) || this.occurrencesFrom <= this.occurrencesTo) && this.cvssFrom >= 0) : null;
+      },
+      occurrencesToState: function () {
+        return this.occurrencesTo ? (!isNaN(this.occurrencesTo) && (!this.occurrencesFrom || !isNaN(this.occurrencesFrom) || this.occurrencesTo >= this.occurrencesFrom) && this.cvssTo >= 0) : null;
+      }
+    },
+    data() {
+      return {
+        simpleWatcher: null,
+        textSearchSelectedWatcher: null,
+        textSearchInputWatcher: null,
+        cvssFromWatcher: null,
+        cvssToWatcher: null,
+        occurrencesFromWatcher: null,
+        occurrencesToWatcher: null,
+        showInactive: false,
+        severitySelected: [],
+        severityOptions: [
+          { text: 'Critical', value: 'critical' },
+          { text: 'High', value: 'high' },
+          { text: 'Medium', value: 'medium' },
+          { text: 'Low', value: 'low' },
+          { text: 'Unassigned', value: 'unassigned' }
+        ],
+        publishDateFrom: '',
+        publishDateTo: '',
+        aggregatedAttributedOnDateFrom: '',
+        aggregatedAttributedOnDateTo: '',
+        textSearchInput: '',
+        textSearchOptions: [
+          { text: 'Vulnerability ID', value: 'vulnerability_id' },
+          { text: 'Vulnerability Title', value: 'vulnerability_title' },
+          { text: 'Component Name', value: 'component_name' },
+          { text: 'Component Version', value: 'component_version'},
+          { text: 'Project Name', value: 'project_name' }
+        ],
+        textSearchSelected: [],
+        cvssFrom: '',
+        cvssTo: '',
+        occurrencesFrom: '',
+        occurrencesTo: '',
+        columns: [
+          {
+            title: this.$t('message.vulnerability'),
+            field: "vulnerability.vulnId",
+            sortable: true,
+            formatter(value, row, index) {
+              let url = xssFilters.uriInUnQuotedAttr("../vulnerabilities/" + row.vulnerability.source + "/" + value);
+              return common.formatSourceLabel(row.vulnerability.source) + ` <a href="${url}">${xssFilters.inHTMLData(value)}</a>`;
+            }
+          },
+          {
+            title: this.$t('message.title'),
+            field: "vulnerability.title",
+            sortable: true,
+          },
+          {
+            title: this.$t('message.severity'),
+            field: "vulnerability.severity",
+            sortable: true,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                return common.formatSeverityLabel(value);
+              }
+            }
+          },
+          {
+            title: this.$t('message.analyzer'),
+            field: "attribution.analyzerIdentity",
+            sortable: true,
+            formatter(value, row, index) {
+              return common.formatAnalyzerLabel(row.attribution.analyzerIdentity, row.vulnerability.source, row.vulnerability.vulnId,
+                row.attribution.alternateIdentifier, row.attribution.referenceUrl);
+            }
+          },
+          {
+            title: this.$t('message.published'),
+            field: "vulnerability.published",
+            sortable: true,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                return common.formatTimestamp(value);
+              }
+            }
+          },
+          {
+            title: this.$t('message.cwe'),
+            field: "vulnerability.cwes",
+            sortable: false,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                let s = '';
+                for(let i = 0; i < value.length; i++) {
+                  let cwe = value[i];
+                  if (i > 0) {
+                    s += ',&nbsp;&nbsp;&nbsp;'
+                  }
+                  s += `CWE-${cwe.cweId}`
+                }
+                return s;
+              }
+            }
+          },
+          {
+            title: this.$t('message.cvss'),
+            field: "vulnerability.cvssV3BaseScore",
+            sortable: true,
+            formatter(value, row, index) {
+              if (value && typeof value === 'number') {
+                return value.toFixed(1);
+              } else {
+                return null;
+              }
+            },
+          },
+          {
+            title: "Projects",
+            field: "vulnerability.affectedProjectCount",
+            sortable: true
+          },
+          {
+            title: "First Attributed On",
+            field: "attribution.firstOccurrence",
+            sortable: true,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                return common.formatTimestamp(value);
+              }
+            }
+          },
+          {
+            title: "Last Attributed On",
+            field: "attribution.lastOccurrence",
+            sortable: true,
+            formatter(value, row, index) {
+              if (typeof value !== 'undefined') {
+                return common.formatTimestamp(value);
+              }
+            }
+          }
+        ],
+        data: [],
+        options: {
+          search: false,
+          showColumns: true,
+          showRefresh: true,
+          pagination: true,
+          silentSort: false,
+          sidePagination: 'client',
+          queryParamsType: 'pageSize',
+          pageList: '[10, 25, 50, 100]',
+          pageSize: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilityPageSize") !== null) ? Number(localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilityPageSize")) : 10,
+          sortName: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortName") !== null) ? localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortName") : 'attribution.lastOccurrence',
+          sortOrder: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortOrder") !== null) ? localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortOrder") : 'desc',
+          icons: {
+            refresh: 'fa-refresh'
+          },
+          toolbar: '#vulnerabilitiesToolbar',
+          responseHandler: function (res, xhr) {
+            res.total = xhr.getResponseHeader("X-Total-Count");
+            return res;
+          },
+          url: this.apiUrl(),
+          onPageChange: ((number, size) => {
+            if (localStorage) {
+              localStorage.setItem("VulnerabilityAuditGroupedByVulnerabilityPageSize", size.toString())
+            }
+          }),
+          onColumnSwitch: ((field, checked) => {
+            if (localStorage) {
+              localStorage.setItem("VulnerabilityAuditGroupedByVulnerabilityShow"+common.capitalize(field), checked.toString())
+            }
+          }),
+          onSort: ((name, order) => {
+            if (localStorage) {
+              localStorage.setItem("VulnerabilityAuditGroupedByVulnerabilitySortName", name);
+              localStorage.setItem("VulnerabilityAuditGroupedByVulnerabilitySortOrder", order);
+            }
+          })
+        }
+      }
+    }
+  };
+</script>

From b5b48ce2631b15b0b72728c2626a7d3345d249c2 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Wed, 8 Feb 2023 09:15:41 +0100
Subject: [PATCH 02/10] Fix checkboxes blocking checkboxes of other tab

Signed-off-by: RBickert <rbt@mm-software.com>
---
 ...lnerabilityAuditGroupedByVulnerability.vue | 26 +++++++++----------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
index 7eb31be49..fc0d7c3e3 100644
--- a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -5,45 +5,45 @@
         <h3 style="display: inline">{{ this.$t('message.filters') }}</h3><b-button size="md" variant="outline-primary" style="float: right" @click="clearAllFilters()">
         {{ this.$t('message.clear_all') }}</b-button>
         <br><br>
-        <b-form-group id="showInactive-form-group" :label="this.$t('message.projects')">
+        <b-form-group id="grouped-showInactive-form-group" :label="this.$t('message.projects')">
           <b-form-checkbox
-            id="showInactive-form-checkbox"
+            id="grouped-showInactive-form-checkbox"
             v-model="showInactive"
             value="true"
             unchecked-value="false">
             {{ this.$t('message.show_inactive_projects') }}
           </b-form-checkbox>
         </b-form-group>
-        <b-form-group id="severity-form-group" :label="this.$t('message.severity')">
+        <b-form-group id="grouped-severity-form-group" :label="this.$t('message.severity')">
           <b-form-checkbox-group
-            id="severity-form-checkbox-group"
+            id="grouped-severity-form-checkbox-group"
             v-model="severitySelected"
             :options="severityOptions"
             stacked>
           </b-form-checkbox-group>
         </b-form-group>
-        <b-form-group id="publish-date-form-group" :label="this.$t('message.published')">
-          <b-datepicker id="publish-date-datepicker-from" v-model="publishDateFrom" :max="publishDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
-          <b-datepicker id="publish-date-datepicker-to" v-model="publishDateTo" :min="publishDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
+        <b-form-group id="grouped-publish-date-form-group" :label="this.$t('message.published')">
+          <b-datepicker id="grouped-publish-date-datepicker-from" v-model="publishDateFrom" :max="publishDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
+          <b-datepicker id="grouped-publish-date-datepicker-to" v-model="publishDateTo" :min="publishDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
         </b-form-group>
         <b-form-group id="aggregated-attributed-on-date-form-group" :label="this.$t('message.attributed_on')">
           <b-datepicker id="aggregated-attributed-on-datepicker-from" v-model="aggregatedAttributedOnDateFrom" :max="aggregatedAttributedOnDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
           <b-datepicker id="aggregated-attributed-on-datepicker-to" v-model="aggregatedAttributedOnDateTo" :min="aggregatedAttributedOnDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
         </b-form-group>
-        <b-form-group id="text-search-form-group" :label="this.$t('message.text_search')">
-          <b-form-input id="text-search-form-input" v-model="textSearchInput" debounce="750" :placeholder="this.$t('message.search')"></b-form-input>
+        <b-form-group id="grouped-text-search-form-group" :label="this.$t('message.text_search')">
+          <b-form-input id="grouped-text-search-form-input" v-model="textSearchInput" debounce="750" :placeholder="this.$t('message.search')"></b-form-input>
           Search in:
           <b-form-checkbox-group
-            id="text-search-form-checkbox-group"
+            id="grouped-text-search-form-checkbox-group"
             v-model="textSearchSelected"
             :options="textSearchOptions"
             stacked>
           </b-form-checkbox-group>
         </b-form-group>
-        <b-form-group id="cvss-form-group" :label="this.$t('message.cvss')">
+        <b-form-group id="grouped-cvss-form-group" :label="this.$t('message.cvss')">
           <b-form-row>
-            <b-col><b-form-input id="cvss-from-form-input" v-model="cvssFrom" type="number" min="0" :max="cvssUpperLimit()" step="0.1" debounce="750" :state="cvssFromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
-            <b-col><b-form-input id="cvss-to-form-input" v-model="cvssTo" type="number" :min="cvssLowerLimit()" max="10" step="0.1" debounce="750" :state="cvssToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+            <b-col><b-form-input id="grouped-cvss-from-form-input" v-model="cvssFrom" type="number" min="0" :max="cvssUpperLimit()" step="0.1" debounce="750" :state="cvssFromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+            <b-col><b-form-input id="grouped-cvss-to-form-input" v-model="cvssTo" type="number" :min="cvssLowerLimit()" max="10" step="0.1" debounce="750" :state="cvssToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
           </b-form-row>
         </b-form-group>
         <b-form-group id="occurrences-form-group" :label="this.$t('message.occurrences_in_projects')">

From ab8ce0ae0ac9238429df6f2d13b422cf88e672d5 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Wed, 8 Feb 2023 09:15:59 +0100
Subject: [PATCH 03/10] Position global audit above administration

Signed-off-by: RBickert <rbt@mm-software.com>
---
 src/containers/DefaultContainer.vue | 32 ++++++++++++++---------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/src/containers/DefaultContainer.vue b/src/containers/DefaultContainer.vue
index 2c497315b..dd7feda0b 100644
--- a/src/containers/DefaultContainer.vue
+++ b/src/containers/DefaultContainer.vue
@@ -93,6 +93,22 @@
           icon: 'fa fa-balance-scale',
           permission: permissions.VIEW_PORTFOLIO
         },
+          {
+            title: true,
+            name: this.$t('message.global_audit'),
+            class: '',
+            wrapper: {
+              element: '',
+              attributes: {}
+            },
+            permission: permissions.VIEW_VULNERABILITY
+          },
+          {
+            name: this.$t('message.vulnerability_audit'),
+            url: '/vulnerabilityAudit',
+            icon: 'fa fa-tasks',
+            permission: permissions.VIEW_VULNERABILITY
+          },
         {
           title: true,
           name: this.$t('message.administration'),
@@ -115,22 +131,6 @@
           icon: 'fa fa-cogs',
           permission: permissions.SYSTEM_CONFIGURATION
         },
-        {
-          title: true,
-          name: this.$t('message.global_audit'),
-          class: '',
-          wrapper: {
-            element: '',
-            attributes: {}
-          },
-          permission: permissions.VIEW_VULNERABILITY
-        },
-        {
-          name: this.$t('message.vulnerability_audit'),
-          url: '/vulnerabilityAudit',
-          icon: 'fa fa-tasks',
-          permission: permissions.VIEW_VULNERABILITY
-        },
       ]
       }
     },

From 44ca5cc2f7f7bc36421e42e4ed7480c8d863d92c Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Wed, 8 Feb 2023 13:03:19 +0100
Subject: [PATCH 04/10] Preserve visibility of columns

Signed-off-by: RBickert <rbt@mm-software.com>
---
 src/views/globalAudit/VulnerabilityAuditByOccurrence.vue | 9 +++++++--
 .../VulnerabilityAuditGroupedByVulnerability.vue         | 9 +++++++--
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
index ced15cac4..ea1618923 100644
--- a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
+++ b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
@@ -79,7 +79,8 @@
           ref="table"
           :columns="columns"
           :data="data"
-          :options="options">
+          :options="options"
+          @on-load-success="onLoadSuccess">
         </bootstrap-table>
       </b-col>
     </b-row>
@@ -90,6 +91,7 @@
 import common from "@/shared/common";
 import xssFilters from "xss-filters";
 import $ from "jquery";
+import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
 
   export default {
     computed: {
@@ -205,7 +207,10 @@ import $ from "jquery";
       },
       cvssToState() {
         return this.cvssTo ? (!isNaN(this.cvssTo) && (!this.cvssFrom || !isNaN(this.cvssFrom) || this.cvssTo >= this.cvssFrom) && this.cvssTo <= 10 && this.cvssTo >= 0) : null;
-      }
+      },
+      onLoadSuccess: function () {
+        loadUserPreferencesForBootstrapTable(this, "VulnerabilityAuditByOccurrence", this.$refs.table.columns);
+      },
     },
     data() {
       return {
diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
index fc0d7c3e3..5d7d819db 100644
--- a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -58,7 +58,8 @@
           ref="table"
           :columns="columns"
           :data="data"
-          :options="options">
+          :options="options"
+          @on-load-success="onLoadSuccess">
         </bootstrap-table>
       </b-col>
     </b-row>
@@ -68,6 +69,7 @@
 <script>
 import common from "@/shared/common";
 import xssFilters from "xss-filters";
+import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
 
   export default {
     computed: {
@@ -201,7 +203,10 @@ import xssFilters from "xss-filters";
       },
       occurrencesToState: function () {
         return this.occurrencesTo ? (!isNaN(this.occurrencesTo) && (!this.occurrencesFrom || !isNaN(this.occurrencesFrom) || this.occurrencesTo >= this.occurrencesFrom) && this.cvssTo >= 0) : null;
-      }
+      },
+      onLoadSuccess: function () {
+        loadUserPreferencesForBootstrapTable(this, "VulnerabilityAuditGroupedByVulnerability", this.$refs.table.columns);
+      },
     },
     data() {
       return {

From b922884b4bd86f0e567266d357416d603caea110 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Wed, 8 Feb 2023 15:54:11 +0100
Subject: [PATCH 05/10] Sort grouped-tab by project count on default

Signed-off-by: RBickert <rbt@mm-software.com>
---
 .../globalAudit/VulnerabilityAuditGroupedByVulnerability.vue    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
index 5d7d819db..ce5d6b533 100644
--- a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -354,7 +354,7 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           queryParamsType: 'pageSize',
           pageList: '[10, 25, 50, 100]',
           pageSize: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilityPageSize") !== null) ? Number(localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilityPageSize")) : 10,
-          sortName: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortName") !== null) ? localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortName") : 'attribution.lastOccurrence',
+          sortName: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortName") !== null) ? localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortName") : 'vulnerability.affectedProjectCount',
           sortOrder: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortOrder") !== null) ? localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilitySortOrder") : 'desc',
           icons: {
             refresh: 'fa-refresh'

From feb39a98ff1cb2069317e285b342edad38141511 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Tue, 8 Aug 2023 17:32:51 +0200
Subject: [PATCH 06/10] Change pagination to server side

Changes the pagination in both Vulnerability Audit tabs to server side
to reduce the amount of incoming traffic

Signed-off-by: RBickert <rbt@mm-software.com>
---
 src/views/globalAudit/VulnerabilityAuditByOccurrence.vue        | 2 +-
 .../globalAudit/VulnerabilityAuditGroupedByVulnerability.vue    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
index ea1618923..301e72037 100644
--- a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
+++ b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
@@ -404,7 +404,7 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           showRefresh: true,
           pagination: true,
           silentSort: false,
-          sidePagination: 'client',
+          sidePagination: 'server',
           queryParamsType: 'pageSize',
           pageList: '[10, 25, 50, 100]',
           pageSize: (localStorage && localStorage.getItem("VulnerabilityAuditByOccurrencePageSize") !== null) ? Number(localStorage.getItem("VulnerabilityAuditByOccurrencePageSize")) : 10,
diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
index ce5d6b533..3ac010d50 100644
--- a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -350,7 +350,7 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           showRefresh: true,
           pagination: true,
           silentSort: false,
-          sidePagination: 'client',
+          sidePagination: 'server',
           queryParamsType: 'pageSize',
           pageList: '[10, 25, 50, 100]',
           pageSize: (localStorage && localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilityPageSize") !== null) ? Number(localStorage.getItem("VulnerabilityAuditGroupedByVulnerabilityPageSize")) : 10,

From b8185cd757dc160da4e2f322c132739252de8830 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Wed, 23 Aug 2023 15:31:56 +0200
Subject: [PATCH 07/10] Remove first and last occurrence from grouped finding

Signed-off-by: RBickert <rbt@mm-software.com>
---
 ...lnerabilityAuditGroupedByVulnerability.vue | 37 +------------------
 1 file changed, 1 insertion(+), 36 deletions(-)

diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
index 3ac010d50..4f757cff1 100644
--- a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -26,10 +26,6 @@
           <b-datepicker id="grouped-publish-date-datepicker-from" v-model="publishDateFrom" :max="publishDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
           <b-datepicker id="grouped-publish-date-datepicker-to" v-model="publishDateTo" :min="publishDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
         </b-form-group>
-        <b-form-group id="aggregated-attributed-on-date-form-group" :label="this.$t('message.attributed_on')">
-          <b-datepicker id="aggregated-attributed-on-datepicker-from" v-model="aggregatedAttributedOnDateFrom" :max="aggregatedAttributedOnDateTo" :placeholder="this.$t('message.from')"></b-datepicker>
-          <b-datepicker id="aggregated-attributed-on-datepicker-to" v-model="aggregatedAttributedOnDateTo" :min="aggregatedAttributedOnDateFrom" :placeholder="this.$t('message.to')"></b-datepicker>
-        </b-form-group>
         <b-form-group id="grouped-text-search-form-group" :label="this.$t('message.text_search')">
           <b-form-input id="grouped-text-search-form-input" v-model="textSearchInput" debounce="750" :placeholder="this.$t('message.search')"></b-form-input>
           Search in:
@@ -74,8 +70,7 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
   export default {
     computed: {
       watchers() {
-        return [this.showInactive, this.severitySelected, this.publishDateFrom, this.publishDateTo,
-          this.aggregatedAttributedOnDateFrom, this.aggregatedAttributedOnDateTo]
+        return [this.showInactive, this.severitySelected, this.publishDateFrom, this.publishDateTo]
       }
     },
     beforeMount() {
@@ -128,12 +123,6 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         if (this.publishDateTo && this.publishDateTo.length > 0) {
           url += "&publishDateTo=" + this.publishDateTo;
         }
-        if (this.aggregatedAttributedOnDateFrom && this.aggregatedAttributedOnDateFrom.length > 0) {
-          url += "&aggregatedAttributedOnDateFrom=" + this.aggregatedAttributedOnDateFrom;
-        }
-        if (this.aggregatedAttributedOnDateTo && this.aggregatedAttributedOnDateTo.length > 0) {
-          url += "&aggregatedAttributedOnDateTo=" + this.aggregatedAttributedOnDateTo;
-        }
         if (this.textSearchInput && this.textSearchInput.trim().length > 0) {
           url += "&textSearchField=" + this.textSearchSelected + "&textSearchInput=" + this.textSearchInput.trim();
         }
@@ -163,8 +152,6 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.severitySelected = [];
         this.publishDateFrom = '';
         this.publishDateTo = '';
-        this.aggregatedAttributedOnDateFrom = '';
-        this.aggregatedAttributedOnDateTo = '';
         this.textSearchInput = '';
         this.textSearchSelected = this.textSearchOptions.map(option => option.value);
         this.cvssFrom = '';
@@ -228,8 +215,6 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         ],
         publishDateFrom: '',
         publishDateTo: '',
-        aggregatedAttributedOnDateFrom: '',
-        aggregatedAttributedOnDateTo: '',
         textSearchInput: '',
         textSearchOptions: [
           { text: 'Vulnerability ID', value: 'vulnerability_id' },
@@ -321,26 +306,6 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
             title: "Projects",
             field: "vulnerability.affectedProjectCount",
             sortable: true
-          },
-          {
-            title: "First Attributed On",
-            field: "attribution.firstOccurrence",
-            sortable: true,
-            formatter(value, row, index) {
-              if (typeof value !== 'undefined') {
-                return common.formatTimestamp(value);
-              }
-            }
-          },
-          {
-            title: "Last Attributed On",
-            field: "attribution.lastOccurrence",
-            sortable: true,
-            formatter(value, row, index) {
-              if (typeof value !== 'undefined') {
-                return common.formatTimestamp(value);
-              }
-            }
           }
         ],
         data: [],

From 215ed78fcec4cceb970619f16e0c9b0fc42c7483 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Wed, 23 Aug 2023 16:00:36 +0200
Subject: [PATCH 08/10] Rename "CVSS" to "CVSSv3"

Signed-off-by: RBickert <rbt@mm-software.com>
---
 .../VulnerabilityAuditByOccurrence.vue        | 59 ++++++++---------
 ...lnerabilityAuditGroupedByVulnerability.vue | 63 ++++++++++---------
 2 files changed, 62 insertions(+), 60 deletions(-)

diff --git a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
index 301e72037..50171b5b8 100644
--- a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
+++ b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
@@ -66,10 +66,10 @@
               stacked>
             </b-form-checkbox-group>
           </b-form-group>
-          <b-form-group id="cvss-form-group" :label="this.$t('message.cvss')">
+          <b-form-group id="cvssv3-form-group" :label="this.$t('message.cvss_v3')">
             <b-form-row>
-              <b-col><b-form-input id="cvss-from-form-input" v-model="cvssFrom" type="number" min="0" :max="cvssUpperLimit()" step="0.1" debounce="750" :state="cvssFromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
-              <b-col><b-form-input id="cvss-to-form-input" v-model="cvssTo" type="number" :min="cvssLowerLimit()" max="10" step="0.1" debounce="750" :state="cvssToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+              <b-col><b-form-input id="cvssv3-from-form-input" v-model="cvssv3From" type="number" min="0" :max="cvssv3UpperLimit()" step="0.1" debounce="750" :state="cvssv3FromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+              <b-col><b-form-input id="cvssv3-to-form-input" v-model="cvssv3To" type="number" :min="cvssv3LowerLimit()" max="10" step="0.1" debounce="750" :state="cvssv3ToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
             </b-form-row>
           </b-form-group>
         </div>
@@ -117,13 +117,13 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
             this.refreshTable();
           }
         });
-        this.cvssFromWatcher = this.$watch('cvssFrom', () => {
-          if (this.cvssFromState() !== false) {
+        this.cvssv3FromWatcher = this.$watch('cvssv3From', () => {
+          if (this.cvssv3FromState() !== false) {
             this.refreshTable();
           }
         });
-        this.cvssToWatcher = this.$watch('cvssTo', () => {
-          if (this.cvssToState() !== false) {
+        this.cvssv3ToWatcher = this.$watch('cvssv3To', () => {
+          if (this.cvssv3ToState() !== false) {
             this.refreshTable();
           }
         });
@@ -155,11 +155,11 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         if (this.textSearchInput && this.textSearchInput.trim().length > 0) {
           url += "&textSearchField=" + this.textSearchSelected + "&textSearchInput=" + this.textSearchInput.trim();
         }
-        if (this.cvssFrom && this.cvssFrom.trim().length > 0) {
-          url += "&cvssFrom=" + this.cvssFrom;
+        if (this.cvssv3From && this.cvssv3From.trim().length > 0) {
+          url += "&cvssv3From=" + this.cvssv3From;
         }
-        if (this.cvssTo && this.cvssTo.trim().length > 0) {
-          url += "&cvssTo=" + this.cvssTo;
+        if (this.cvssv3To && this.cvssv3To.trim().length > 0) {
+          url += "&cvssv3To=" + this.cvssv3To;
         }
         return url;
       },
@@ -167,8 +167,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.simpleWatcher();
         this.textSearchSelectedWatcher();
         this.textSearchInputWatcher();
-        this.cvssFromWatcher();
-        this.cvssToWatcher();
+        this.cvssv3FromWatcher();
+        this.cvssv3ToWatcher();
         this.showInactive = false;
         this.showSuppressed = false;
         this.severitySelected = [];
@@ -180,15 +180,16 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.attributedOnDateTo = '';
         this.textSearchInput = '';
         this.textSearchSelected = this.textSearchOptions.map(option => option.value);
-        this.cvssFrom = '';
-        this.cvssTo = '';
+        this.cvssv3From = '';
+        this.cvssv3To = '';
         this.refreshTable();
         this.initializeWatchers();
       },
       refreshTable: function() {
         this.$refs.table.refresh({
           url: this.apiUrl(),
-          silent: true
+          silent: true,
+          pageNumber: 1
         });
       },
       initializeTooltips: function () {
@@ -196,17 +197,17 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           trigger: "hover"
         });
       },
-      cvssUpperLimit: function () {
-        return this.cvssTo ? this.cvssTo : 10;
+      cvssv3UpperLimit: function () {
+        return this.cvssv3To ? this.cvssv3To : 10;
       },
-      cvssLowerLimit: function () {
-        return this.cvssFrom ? this.cvssFrom : 0;
+      cvssv3LowerLimit: function () {
+        return this.cvssv3From ? this.cvssv3From : 0;
       },
-      cvssFromState() {
-        return this.cvssFrom ? (!isNaN(this.cvssFrom) && (!this.cvssTo || !isNaN(this.cvssTo) || this.cvssFrom <= this.cvssTo) && this.cvssFrom <= 10 && this.cvssFrom >= 0) : null;
+      cvssv3FromState() {
+        return this.cvssv3From ? (!isNaN(this.cvssv3From) && (!this.cvssv3To || !isNaN(this.cvssv3To) || this.cvssv3From <= this.cvssv3To) && this.cvssv3From <= 10 && this.cvssv3From >= 0) : null;
       },
-      cvssToState() {
-        return this.cvssTo ? (!isNaN(this.cvssTo) && (!this.cvssFrom || !isNaN(this.cvssFrom) || this.cvssTo >= this.cvssFrom) && this.cvssTo <= 10 && this.cvssTo >= 0) : null;
+      cvssv3ToState() {
+        return this.cvssv3To ? (!isNaN(this.cvssv3To) && (!this.cvssv3From || !isNaN(this.cvssv3From) || this.cvssv3To >= this.cvssv3From) && this.cvssv3To <= 10 && this.cvssv3To >= 0) : null;
       },
       onLoadSuccess: function () {
         loadUserPreferencesForBootstrapTable(this, "VulnerabilityAuditByOccurrence", this.$refs.table.columns);
@@ -217,8 +218,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         simpleWatcher: null,
         textSearchSelectedWatcher: null,
         textSearchInputWatcher: null,
-        cvssFromWatcher: null,
-        cvssToWatcher: null,
+        cvssv3FromWatcher: null,
+        cvssv3ToWatcher: null,
         showInactive: false,
         showSuppressed: false,
         severitySelected: [],
@@ -260,8 +261,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           { text: 'Project Name', value: 'project_name' }
         ],
         textSearchSelected: [],
-        cvssFrom: '',
-        cvssTo: '',
+        cvssv3From: '',
+        cvssv3To: '',
         columns: [
           {
             title: this.$t('message.vulnerability'),
@@ -325,7 +326,7 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
             }
           },
           {
-            title: this.$t('message.cvss'),
+            title: this.$t('message.cvss_v3'),
             field: "vulnerability.cvssV3BaseScore",
             sortable: true,
             formatter(value, row, index) {
diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
index 4f757cff1..186a8ab71 100644
--- a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -36,10 +36,10 @@
             stacked>
           </b-form-checkbox-group>
         </b-form-group>
-        <b-form-group id="grouped-cvss-form-group" :label="this.$t('message.cvss')">
+        <b-form-group id="grouped-cvssv3-form-group" :label="this.$t('message.cvss_v3')">
           <b-form-row>
-            <b-col><b-form-input id="grouped-cvss-from-form-input" v-model="cvssFrom" type="number" min="0" :max="cvssUpperLimit()" step="0.1" debounce="750" :state="cvssFromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
-            <b-col><b-form-input id="grouped-cvss-to-form-input" v-model="cvssTo" type="number" :min="cvssLowerLimit()" max="10" step="0.1" debounce="750" :state="cvssToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+            <b-col><b-form-input id="grouped-cvssv3-from-form-input" v-model="cvssv3From" type="number" min="0" :max="cvssv3UpperLimit()" step="0.1" debounce="750" :state="cvssv3FromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+            <b-col><b-form-input id="grouped-cvssv3-to-form-input" v-model="cvssv3To" type="number" :min="cvssv3LowerLimit()" max="10" step="0.1" debounce="750" :state="cvssv3ToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
           </b-form-row>
         </b-form-group>
         <b-form-group id="occurrences-form-group" :label="this.$t('message.occurrences_in_projects')">
@@ -90,13 +90,13 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
             this.refreshTable();
           }
         });
-        this.cvssFromWatcher = this.$watch('cvssFrom', () => {
-          if (this.cvssFromState() !== false) {
+        this.cvssv3FromWatcher = this.$watch('cvssv3From', () => {
+          if (this.cvssv3FromState() !== false) {
             this.refreshTable();
           }
         });
-        this.cvssToWatcher = this.$watch('cvssTo', () => {
-          if (this.cvssToState() !== false) {
+        this.cvssv3ToWatcher = this.$watch('cvssv3To', () => {
+          if (this.cvssv3ToState() !== false) {
             this.refreshTable();
           }
         });
@@ -126,11 +126,11 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         if (this.textSearchInput && this.textSearchInput.trim().length > 0) {
           url += "&textSearchField=" + this.textSearchSelected + "&textSearchInput=" + this.textSearchInput.trim();
         }
-        if (this.cvssFrom && this.cvssFrom.trim().length > 0) {
-          url += "&cvssFrom=" + this.cvssFrom;
+        if (this.cvssv3From && this.cvssv3From.trim().length > 0) {
+          url += "&cvssv3From=" + this.cvssv3From;
         }
-        if (this.cvssTo && this.cvssTo.trim().length > 0) {
-          url += "&cvssTo=" + this.cvssTo;
+        if (this.cvssv3To && this.cvssv3To.trim().length > 0) {
+          url += "&cvssv3To=" + this.cvssv3To;
         }
         if (this.occurrencesFrom && this.occurrencesFrom.trim().length > 0) {
           url += "&occurrencesFrom=" + this.occurrencesFrom;
@@ -144,8 +144,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.simpleWatcher();
         this.textSearchSelectedWatcher();
         this.textSearchInputWatcher();
-        this.cvssFromWatcher();
-        this.cvssToWatcher();
+        this.cvssv3FromWatcher();
+        this.cvssv3ToWatcher();
         this.occurrencesFromWatcher();
         this.occurrencesToWatcher();
         this.showInactive = false;
@@ -154,8 +154,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.publishDateTo = '';
         this.textSearchInput = '';
         this.textSearchSelected = this.textSearchOptions.map(option => option.value);
-        this.cvssFrom = '';
-        this.cvssTo = '';
+        this.cvssv3From = '';
+        this.cvssv3To = '';
         this.occurrencesFrom = '';
         this.occurrencesTo = '';
         this.refreshTable();
@@ -164,20 +164,21 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
       refreshTable: function() {
         this.$refs.table.refresh({
           url: this.apiUrl(),
-          silent: true
+          silent: true,
+          pageNumber: 1
         });
       },
-      cvssUpperLimit: function () {
-        return this.cvssTo ? this.cvssTo : 10;
+      cvssv3UpperLimit: function () {
+        return this.cvssv3To ? this.cvssv3To : 10;
       },
-      cvssLowerLimit: function () {
-        return this.cvssFrom ? this.cvssFrom : 0;
+      cvssv3LowerLimit: function () {
+        return this.cvssv3From ? this.cvssv3From : 0;
       },
-      cvssFromState() {
-        return this.cvssFrom ? (!isNaN(this.cvssFrom) && (!this.cvssTo || !isNaN(this.cvssTo) || this.cvssFrom <= this.cvssTo) && this.cvssFrom <= 10) : null;
+      cvssv3FromState() {
+        return this.cvssv3From ? (!isNaN(this.cvssv3From) && (!this.cvssv3To || !isNaN(this.cvssv3To) || this.cvssv3From <= this.cvssv3To) && this.cvssv3From <= 10) : null;
       },
-      cvssToState() {
-        return this.cvssTo ? (!isNaN(this.cvssTo) && (!this.cvssFrom || !isNaN(this.cvssFrom) || this.cvssTo >= this.cvssFrom) && this.cvssTo >= 0) : null;
+      cvssv3ToState() {
+        return this.cvssv3To ? (!isNaN(this.cvssv3To) && (!this.cvssv3From || !isNaN(this.cvssv3From) || this.cvssv3To >= this.cvssv3From) && this.cvssv3To >= 0) : null;
       },
       occurrencesUpperLimit: function () {
         return this.occurrencesTo ? this.occurrencesTo : null;
@@ -186,10 +187,10 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         return this.occurrencesFrom ? this.occurrencesFrom : 0;
       },
       occurrencesFromState: function () {
-        return this.occurrencesFrom ? (!isNaN(this.occurrencesFrom) && (!this.occurrencesTo || !isNaN(this.occurrencesTo) || this.occurrencesFrom <= this.occurrencesTo) && this.cvssFrom >= 0) : null;
+        return this.occurrencesFrom ? (!isNaN(this.occurrencesFrom) && (!this.occurrencesTo || !isNaN(this.occurrencesTo) || this.occurrencesFrom <= this.occurrencesTo) && this.cvssv3From >= 0) : null;
       },
       occurrencesToState: function () {
-        return this.occurrencesTo ? (!isNaN(this.occurrencesTo) && (!this.occurrencesFrom || !isNaN(this.occurrencesFrom) || this.occurrencesTo >= this.occurrencesFrom) && this.cvssTo >= 0) : null;
+        return this.occurrencesTo ? (!isNaN(this.occurrencesTo) && (!this.occurrencesFrom || !isNaN(this.occurrencesFrom) || this.occurrencesTo >= this.occurrencesFrom) && this.cvssv3To >= 0) : null;
       },
       onLoadSuccess: function () {
         loadUserPreferencesForBootstrapTable(this, "VulnerabilityAuditGroupedByVulnerability", this.$refs.table.columns);
@@ -200,8 +201,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         simpleWatcher: null,
         textSearchSelectedWatcher: null,
         textSearchInputWatcher: null,
-        cvssFromWatcher: null,
-        cvssToWatcher: null,
+        cvssv3FromWatcher: null,
+        cvssv3ToWatcher: null,
         occurrencesFromWatcher: null,
         occurrencesToWatcher: null,
         showInactive: false,
@@ -224,8 +225,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           { text: 'Project Name', value: 'project_name' }
         ],
         textSearchSelected: [],
-        cvssFrom: '',
-        cvssTo: '',
+        cvssv3From: '',
+        cvssv3To: '',
         occurrencesFrom: '',
         occurrencesTo: '',
         columns: [
@@ -291,7 +292,7 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
             }
           },
           {
-            title: this.$t('message.cvss'),
+            title: this.$t('message.cvss_v3'),
             field: "vulnerability.cvssV3BaseScore",
             sortable: true,
             formatter(value, row, index) {

From c4a0e903f5a79439d6c7c9339802f3af71da98d4 Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Mon, 28 Aug 2023 15:41:26 +0200
Subject: [PATCH 09/10] Add CVSSv2 to Vulnerability Audit

Signed-off-by: RBickert <rbt@mm-software.com>
---
 .../VulnerabilityAuditByOccurrence.vue        | 54 +++++++++++++++++++
 ...lnerabilityAuditGroupedByVulnerability.vue | 54 +++++++++++++++++++
 2 files changed, 108 insertions(+)

diff --git a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
index 50171b5b8..3f511f93d 100644
--- a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
+++ b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
@@ -66,6 +66,12 @@
               stacked>
             </b-form-checkbox-group>
           </b-form-group>
+          <b-form-group id="cvssv2-form-group" :label="this.$t('message.cvss_v2')">
+            <b-form-row>
+              <b-col><b-form-input id="cvssv2-from-form-input" v-model="cvssv2From" type="number" min="0" :max="cvssv2UpperLimit()" step="0.1" debounce="750" :state="cvssv2FromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+              <b-col><b-form-input id="cvssv2-to-form-input" v-model="cvssv2To" type="number" :min="cvssv2LowerLimit()" max="10" step="0.1" debounce="750" :state="cvssv2ToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+            </b-form-row>
+          </b-form-group>
           <b-form-group id="cvssv3-form-group" :label="this.$t('message.cvss_v3')">
             <b-form-row>
               <b-col><b-form-input id="cvssv3-from-form-input" v-model="cvssv3From" type="number" min="0" :max="cvssv3UpperLimit()" step="0.1" debounce="750" :state="cvssv3FromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
@@ -117,6 +123,16 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
             this.refreshTable();
           }
         });
+        this.cvssv2FromWatcher = this.$watch('cvssv2From', () => {
+          if (this.cvssv2FromState() !== false) {
+            this.refreshTable();
+          }
+        });
+        this.cvssv2ToWatcher = this.$watch('cvssv2To', () => {
+          if (this.cvssv2ToState() !== false) {
+            this.refreshTable();
+          }
+        });
         this.cvssv3FromWatcher = this.$watch('cvssv3From', () => {
           if (this.cvssv3FromState() !== false) {
             this.refreshTable();
@@ -155,6 +171,12 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         if (this.textSearchInput && this.textSearchInput.trim().length > 0) {
           url += "&textSearchField=" + this.textSearchSelected + "&textSearchInput=" + this.textSearchInput.trim();
         }
+        if (this.cvssv2From && this.cvssv2From.trim().length > 0) {
+          url += "&cvssv2From=" + this.cvssv2From;
+        }
+        if (this.cvssv2To && this.cvssv2To.trim().length > 0) {
+          url += "&cvssv2To=" + this.cvssv2To;
+        }
         if (this.cvssv3From && this.cvssv3From.trim().length > 0) {
           url += "&cvssv3From=" + this.cvssv3From;
         }
@@ -167,6 +189,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.simpleWatcher();
         this.textSearchSelectedWatcher();
         this.textSearchInputWatcher();
+        this.cvssv2FromWatcher();
+        this.cvssv2ToWatcher();
         this.cvssv3FromWatcher();
         this.cvssv3ToWatcher();
         this.showInactive = false;
@@ -180,6 +204,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.attributedOnDateTo = '';
         this.textSearchInput = '';
         this.textSearchSelected = this.textSearchOptions.map(option => option.value);
+        this.cvssv2From = '';
+        this.cvssv2To = '';
         this.cvssv3From = '';
         this.cvssv3To = '';
         this.refreshTable();
@@ -197,6 +223,18 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           trigger: "hover"
         });
       },
+      cvssv2UpperLimit: function () {
+        return this.cvssv2To ? this.cvssv2To : 10;
+      },
+      cvssv2LowerLimit: function () {
+        return this.cvssv2From ? this.cvssv2From : 0;
+      },
+      cvssv2FromState() {
+        return this.cvssv2From ? (!isNaN(this.cvssv2From) && (!this.cvssv2To || !isNaN(this.cvssv2To) || this.cvssv2From <= this.cvssv2To) && this.cvssv2From <= 10 && this.cvssv2From >= 0) : null;
+      },
+      cvssv2ToState() {
+        return this.cvssv2To ? (!isNaN(this.cvssv2To) && (!this.cvssv2From || !isNaN(this.cvssv2From) || this.cvssv2To >= this.cvssv2From) && this.cvssv2To <= 10 && this.cvssv2To >= 0) : null;2
+      },
       cvssv3UpperLimit: function () {
         return this.cvssv3To ? this.cvssv3To : 10;
       },
@@ -218,6 +256,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         simpleWatcher: null,
         textSearchSelectedWatcher: null,
         textSearchInputWatcher: null,
+        cvssv2FromWatcher: null,
+        cvssv2ToWatcher: null,
         cvssv3FromWatcher: null,
         cvssv3ToWatcher: null,
         showInactive: false,
@@ -261,6 +301,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           { text: 'Project Name', value: 'project_name' }
         ],
         textSearchSelected: [],
+        cvssv2From: '',
+        cvssv2To: '',
         cvssv3From: '',
         cvssv3To: '',
         columns: [
@@ -325,6 +367,18 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
               }
             }
           },
+          {
+            title: this.$t('message.cvss_v2'),
+            field: "vulnerability.cvssV2BaseScore",
+            sortable: true,
+            formatter(value, row, index) {
+              if (value && typeof value === 'number') {
+                return value.toFixed(1);
+              } else {
+                return null;
+              }
+            },
+          },
           {
             title: this.$t('message.cvss_v3'),
             field: "vulnerability.cvssV3BaseScore",
diff --git a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
index 186a8ab71..26edf5897 100644
--- a/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
+++ b/src/views/globalAudit/VulnerabilityAuditGroupedByVulnerability.vue
@@ -36,6 +36,12 @@
             stacked>
           </b-form-checkbox-group>
         </b-form-group>
+        <b-form-group id="grouped-cvssv2-form-group" :label="this.$t('message.cvss_v2')">
+          <b-form-row>
+            <b-col><b-form-input id="grouped-cvssv2-from-form-input" v-model="cvssv2From" type="number" min="0" :max="cvssv2UpperLimit()" step="0.1" debounce="750" :state="cvssv2FromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
+            <b-col><b-form-input id="grouped-cvssv2-to-form-input" v-model="cvssv2To" type="number" :min="cvssv2LowerLimit()" max="10" step="0.1" debounce="750" :state="cvssv2ToState()" :placeholder="this.$t('message.to')"></b-form-input></b-col>
+          </b-form-row>
+        </b-form-group>
         <b-form-group id="grouped-cvssv3-form-group" :label="this.$t('message.cvss_v3')">
           <b-form-row>
             <b-col><b-form-input id="grouped-cvssv3-from-form-input" v-model="cvssv3From" type="number" min="0" :max="cvssv3UpperLimit()" step="0.1" debounce="750" :state="cvssv3FromState()" :placeholder="this.$t('message.from')"></b-form-input></b-col>
@@ -90,6 +96,16 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
             this.refreshTable();
           }
         });
+        this.cvssv2FromWatcher = this.$watch('cvssv2From', () => {
+          if (this.cvssv2FromState() !== false) {
+            this.refreshTable();
+          }
+        });
+        this.cvssv2ToWatcher = this.$watch('cvssv2To', () => {
+          if (this.cvssv2ToState() !== false) {
+            this.refreshTable();
+          }
+        });
         this.cvssv3FromWatcher = this.$watch('cvssv3From', () => {
           if (this.cvssv3FromState() !== false) {
             this.refreshTable();
@@ -126,6 +142,12 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         if (this.textSearchInput && this.textSearchInput.trim().length > 0) {
           url += "&textSearchField=" + this.textSearchSelected + "&textSearchInput=" + this.textSearchInput.trim();
         }
+        if (this.cvssv2From && this.cvssv2From.trim().length > 0) {
+          url += "&cvssv2From=" + this.cvssv2From;
+        }
+        if (this.cvssv2To && this.cvssv2To.trim().length > 0) {
+          url += "&cvssv2To=" + this.cvssv2To;
+        }
         if (this.cvssv3From && this.cvssv3From.trim().length > 0) {
           url += "&cvssv3From=" + this.cvssv3From;
         }
@@ -144,6 +166,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.simpleWatcher();
         this.textSearchSelectedWatcher();
         this.textSearchInputWatcher();
+        this.cvssv2FromWatcher();
+        this.cvssv2ToWatcher();
         this.cvssv3FromWatcher();
         this.cvssv3ToWatcher();
         this.occurrencesFromWatcher();
@@ -154,6 +178,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         this.publishDateTo = '';
         this.textSearchInput = '';
         this.textSearchSelected = this.textSearchOptions.map(option => option.value);
+        this.cvssv2From = '';
+        this.cvssv2To = '';
         this.cvssv3From = '';
         this.cvssv3To = '';
         this.occurrencesFrom = '';
@@ -168,6 +194,18 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           pageNumber: 1
         });
       },
+      cvssv2UpperLimit: function () {
+        return this.cvssv2To ? this.cvssv2To : 10;
+      },
+      cvssv2LowerLimit: function () {
+        return this.cvssv2From ? this.cvssv2From : 0;
+      },
+      cvssv2FromState() {
+        return this.cvssv2From ? (!isNaN(this.cvssv2From) && (!this.cvssv2To || !isNaN(this.cvssv2To) || this.cvssv2From <= this.cvssv2To) && this.cvssv2From <= 10) : null;
+      },
+      cvssv2ToState() {
+        return this.cvssv2To ? (!isNaN(this.cvssv2To) && (!this.cvssv2From || !isNaN(this.cvssv2From) || this.cvssv2To >= this.cvssv2From) && this.cvssv2To >= 0) : null;
+      },
       cvssv3UpperLimit: function () {
         return this.cvssv3To ? this.cvssv3To : 10;
       },
@@ -201,6 +239,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         simpleWatcher: null,
         textSearchSelectedWatcher: null,
         textSearchInputWatcher: null,
+        cvssv2FromWatcher: null,
+        cvssv2ToWatcher: null,
         cvssv3FromWatcher: null,
         cvssv3ToWatcher: null,
         occurrencesFromWatcher: null,
@@ -225,6 +265,8 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
           { text: 'Project Name', value: 'project_name' }
         ],
         textSearchSelected: [],
+        cvssv2From: '',
+        cvssv2To: '',
         cvssv3From: '',
         cvssv3To: '',
         occurrencesFrom: '',
@@ -291,6 +333,18 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
               }
             }
           },
+          {
+            title: this.$t('message.cvss_v2'),
+            field: "vulnerability.cvssV2BaseScore",
+            sortable: true,
+            formatter(value, row, index) {
+              if (value && typeof value === 'number') {
+                return value.toFixed(1);
+              } else {
+                return null;
+              }
+            },
+          },
           {
             title: this.$t('message.cvss_v3'),
             field: "vulnerability.cvssV3BaseScore",

From 52e14b09c348cf0bd7fdd67cbcce03ca29dfde6c Mon Sep 17 00:00:00 2001
From: RBickert <rbt@mm-software.com>
Date: Thu, 22 Feb 2024 13:06:26 +0100
Subject: [PATCH 10/10] Fix unreachable code

Signed-off-by: RBickert <rbt@mm-software.com>
---
 src/views/globalAudit/VulnerabilityAuditByOccurrence.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
index 3f511f93d..e30cb3c45 100644
--- a/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
+++ b/src/views/globalAudit/VulnerabilityAuditByOccurrence.vue
@@ -233,7 +233,7 @@ import {loadUserPreferencesForBootstrapTable} from "@/shared/utils";
         return this.cvssv2From ? (!isNaN(this.cvssv2From) && (!this.cvssv2To || !isNaN(this.cvssv2To) || this.cvssv2From <= this.cvssv2To) && this.cvssv2From <= 10 && this.cvssv2From >= 0) : null;
       },
       cvssv2ToState() {
-        return this.cvssv2To ? (!isNaN(this.cvssv2To) && (!this.cvssv2From || !isNaN(this.cvssv2From) || this.cvssv2To >= this.cvssv2From) && this.cvssv2To <= 10 && this.cvssv2To >= 0) : null;2
+        return this.cvssv2To ? (!isNaN(this.cvssv2To) && (!this.cvssv2From || !isNaN(this.cvssv2From) || this.cvssv2To >= this.cvssv2From) && this.cvssv2To <= 10 && this.cvssv2To >= 0) : null;
       },
       cvssv3UpperLimit: function () {
         return this.cvssv3To ? this.cvssv3To : 10;