@@ -8,11 +8,17 @@ CVE_CHECK_STATUSMAP[backported-patch] = "Patched"
CVE_CHECK_STATUSMAP[cpe-stable-backport] = "Patched"
# use when NVD DB does not mention correct version or does not mention any verion at all
CVE_CHECK_STATUSMAP[fixed-version] = "Patched"
+# use when a fix file has been included (set automatically)
+CVE_CHECK_STATUSMAP[fix-file-included] = "Patched"
+# do not use directly: automatic scan reports version number NOT in the vulnerable range (set automatically)
+CVE_CHECK_STATUSMAP[version-not-in-range] = "Patched"
# used internally by this class if CVE vulnerability is detected which is not marked as fixed or ignored
CVE_CHECK_STATUSMAP[unpatched] = "Unpatched"
# use when CVE is confirmed by upstream but fix is still not available
CVE_CHECK_STATUSMAP[vulnerable-investigating] = "Unpatched"
+# do not use directly: automatic scan reports version number IS in the vulnerable range (set automatically)
+CVE_CHECK_STATUSMAP[version-in-range] = "Unpatched"
# used for migration from old concept, do not use for new vulnerabilities
CVE_CHECK_STATUSMAP[ignored] = "Ignored"
@@ -26,3 +32,6 @@ CVE_CHECK_STATUSMAP[not-applicable-config] = "Ignored"
CVE_CHECK_STATUSMAP[not-applicable-platform] = "Ignored"
# use when upstream acknowledged the vulnerability but does not plan to fix it
CVE_CHECK_STATUSMAP[upstream-wontfix] = "Ignored"
+
+# use when it is impossible to conclude if the vulnerability is present or not
+CVE_CHECK_STATUSMAP[unknown] = "Unknown"