CN112699372A - Vulnerability processing method and device and computer readable storage medium - Google Patents

Vulnerability processing method and device and computer readable storage medium Download PDF

Info

Publication number
CN112699372A
CN112699372A CN201911003120.6A CN201911003120A CN112699372A CN 112699372 A CN112699372 A CN 112699372A CN 201911003120 A CN201911003120 A CN 201911003120A CN 112699372 A CN112699372 A CN 112699372A
Authority
CN
China
Prior art keywords
vulnerability
information
historical
repair
displaying
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911003120.6A
Other languages
Chinese (zh)
Inventor
向黎希
何国锋
张建宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN201911003120.6A priority Critical patent/CN112699372A/en
Publication of CN112699372A publication Critical patent/CN112699372A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The disclosure relates to a vulnerability processing method, a vulnerability processing device and a computer readable storage medium, and relates to the technical field of computers. The method of the present disclosure comprises: acquiring and displaying vulnerability information obtained after auditing source codes; responding to the selection of one or more items of vulnerability information, and displaying a selected vulnerability information operation area, wherein the operation area comprises a historical repair information trigger area; responding to the trigger of the historical repair information trigger area, and acquiring historical vulnerability repair information related to the selected vulnerability information; and displaying the historical vulnerability repair information related to the selected vulnerability information.

Description

Vulnerability processing method and device and computer readable storage medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a vulnerability processing method and apparatus, and a computer-readable storage medium.
Background
Currently, information security faces serious challenges: the security events are endless, and security vulnerability problems are intensively exploded in the software application layer.
And in the field of software security testing: the number of developers is large, the number of safety personnel is small, and most developers do not know safety; the efficiency and the safety are considered, and developers have a certain trend of repairing the bugs by means of code auditing software in the development process.
Disclosure of Invention
The inventor finds that: the existing code auditing software can only simply display bug information, the same bugs usually appear in the auditing process of different source codes, developers do not have reference information and can only carry out repairing by personal experience, and the bug repairing efficiency is reduced.
One technical problem to be solved by the present disclosure is: how to improve code repair efficiency.
According to some embodiments of the present disclosure, a vulnerability processing method is provided, which includes: acquiring and displaying vulnerability information obtained after auditing source codes; responding to the selection of one or more items of vulnerability information, and displaying a selected vulnerability information operation area, wherein the operation area comprises a historical repair information trigger area; responding to the trigger of the historical repair information trigger area, and acquiring historical vulnerability repair information related to the selected vulnerability information; and displaying the historical vulnerability repair information related to the selected vulnerability information.
In some embodiments, in response to the triggering of the historical repair information trigger area, obtaining historical vulnerability repair information associated with the selected vulnerability information includes: responding to the trigger of the historical repair information trigger area, and acquiring vulnerability identification corresponding to the selected vulnerability information; sending a query request to a database, the query request comprising: vulnerability identification; and receiving historical vulnerability repair information which is returned by the database and is related to the selected vulnerability information.
In some embodiments, the method further comprises: displaying a newly-built repair information trigger area; responding to the triggering of the newly-built repairing information triggering area, and receiving input repairing information; and performing associated storage on the input repair information and the corresponding vulnerability information.
In some embodiments, the associating and storing the input repair scheme with the corresponding vulnerability information includes: sending a write-in request to a database, wherein the write-in request comprises input repair information and corresponding vulnerability identification of the vulnerability information, so that the database stores the input repair information and the corresponding vulnerability identification of the vulnerability information in a correlation manner; and receiving and displaying the writing result returned by the database.
In some embodiments, displaying historical vulnerability fix information associated with the selected vulnerability information includes: under the condition that the historical vulnerability repair information related to the selected vulnerability information comprises a plurality of items, sequencing and displaying the various items of historical vulnerability repair information according to the sequence from small to large of the time difference between the creation time and the current time; or sequencing and displaying the historical vulnerability repair information according to the sequence of the use frequency from large to small.
In some embodiments, the historical vulnerability fix information includes: at least one of vulnerability cause information, taint tracking information, and solution information.
According to other embodiments of the present disclosure, there is provided a vulnerability processing apparatus, including: the information acquisition module is used for acquiring vulnerability information obtained after auditing the source code; responding to the trigger of the historical repair information trigger area, and acquiring historical vulnerability repair information related to the selected vulnerability information; the display module is used for displaying the vulnerability information; responding to the selection of one or more items of vulnerability information, and displaying a selected vulnerability information operation area, wherein the operation area comprises a historical repair information trigger area; and displaying the historical vulnerability repair information related to the selected vulnerability information.
In some embodiments, the information obtaining module is configured to obtain, in response to triggering of the historical repair information trigger area, a vulnerability identification corresponding to the selected vulnerability information; sending a query request to a database, the query request comprising: vulnerability identification; and receiving historical vulnerability repair information which is returned by the database and is related to the selected vulnerability information.
In some embodiments, the display module is further configured to display the newly created repair information trigger area; the device also includes: the information receiving module is used for responding to the triggering of the newly-built repairing information triggering area and receiving input repairing information; and the storage module is used for performing associated storage on the input repair information and the corresponding vulnerability information.
In some embodiments, the storage module is configured to send a write request to the database, where the write request includes the input repair information and the corresponding vulnerability identifier of the vulnerability information, so that the database stores the input repair information and the corresponding vulnerability identifier of the vulnerability information in an associated manner; receiving a writing result returned by the database; the display module is also used for displaying the writing result returned by the database.
In some embodiments, the display module is further configured to, when the historical vulnerability repair information related to the selected vulnerability information includes multiple items, sort and display the items of historical vulnerability repair information in an order from a small time difference to a large time difference between the creation time and the current time; or sequencing and displaying the historical vulnerability repair information according to the sequence of the use frequency from large to small.
In some embodiments, the historical vulnerability fix information includes: at least one of vulnerability cause information, taint tracking information, and solution information.
According to still other embodiments of the present disclosure, a vulnerability processing apparatus is provided, which includes: a processor; and a memory coupled to the processor for storing instructions that, when executed by the processor, cause the processor to perform the vulnerability handling method of any of the preceding embodiments.
According to still further embodiments of the present disclosure, there is provided a non-transitory computer readable storage medium having a computer program stored thereon, wherein the program, when executed by a processor, implements the vulnerability handling method of any of the preceding embodiments.
According to the method, vulnerability information obtained after auditing source codes is displayed, a selected vulnerability information operation area is displayed in response to selection of one or more items of vulnerability information, the operation area comprises a historical repairing information triggering area, and historical vulnerability repairing information related to the selected vulnerability information is obtained and displayed through triggering of the historical repairing information triggering area. According to the method and the device, the functions of a historical repair information triggering area and a historical repair information displaying function are added through the function of the extended code auditing software, and the historical repair information can be acquired by one key to serve as the reference of the current bug repair. The same vulnerability-based repairing method has relevance and similarity, and the repairing efficiency of the vulnerability can be improved through historical repairing information.
Other features of the present disclosure and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present disclosure, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 illustrates a flow diagram of a vulnerability handling method of some embodiments of the present disclosure.
Fig. 2 is a flowchart illustrating a vulnerability handling method according to another embodiment of the present disclosure.
Fig. 3 illustrates a schematic structural diagram of a vulnerability processing apparatus according to some embodiments of the present disclosure.
Fig. 4 shows a schematic structural diagram of a vulnerability processing apparatus according to another embodiment of the present disclosure.
Fig. 5 is a schematic structural diagram of a vulnerability processing apparatus according to still other embodiments of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
The disclosure proposes a vulnerability handling method, which is described below with reference to fig. 1.
Fig. 1 is a flow chart of some embodiments of the disclosed vulnerability handling methods. As shown in fig. 1, the method of this embodiment includes: steps S102 to S108.
In step S102, vulnerability information obtained after the source code is audited is obtained and displayed.
Before code auditing, creation of project trigger areas, such as in the form of keystrokes and the like, may be displayed. An uploaded source code is received. The source code may be uploaded locally or integrated with the version control tool. The code auditing software can automatically audit the source code, and the auditing method is applied to the existing mode and is not described in detail herein. The source code may obtain vulnerability information after being audited, where the vulnerability information includes, for example: vulnerability identification (or name, type), which may also include: vulnerability risk level, code position corresponding to the vulnerability, stain tracking information of the vulnerability and the like. The vulnerability information can be sorted and displayed according to a preset sorting method. For example, the risk levels are sorted from high to low or the code positions corresponding to the vulnerabilities are sorted from top to bottom, which is not limited to the illustrated examples.
In step S104, in response to selection of one or more items of vulnerability information, displaying a selected vulnerability information operation area, where the operation area includes a historical repair information trigger area.
The operation area for displaying the selected vulnerability information can be triggered by clicking or selecting the vulnerability information and the like, and the detail information of the selected vulnerability can be displayed. The details of the vulnerability may include, for example, one or more lines of code corresponding to the vulnerability. The operating area and the detailed information of the vulnerability information can be displayed in a new window form of a new page, and a vulnerability information list, the selected operating area of the vulnerability information and the selected detailed information of the vulnerability can be displayed simultaneously in different areas of the same page. And under the condition of selecting a plurality of items of vulnerability information, respectively displaying corresponding operation areas in different windows or different areas.
The operation area and the historical repair information trigger area can be presented in the form of keys. The operation area may further include: audit log trigger area, vulnerability description information trigger area, etc. The different trigger zones may display corresponding content in response to triggering.
In step S106, in response to the trigger of the historical repair information trigger area, historical vulnerability repair information related to the selected vulnerability information is obtained.
For example, the user may trigger the historical repair information trigger area by clicking or the like. The trigger zone may also be triggered by voice, gesture, or other means. In some embodiments, in response to the trigger of the historical repair information trigger area, a vulnerability identification corresponding to the selected vulnerability information is obtained. Sending a query request to a database, the query request comprising: and (5) vulnerability identification. And receiving historical vulnerability repair information which is returned by the database and is related to the selected vulnerability information. The historical bug fix information trigger area may be associated with a link (e.g., a URL link) of the database, and may enable one-touch display of the historical bug fix information. If historical vulnerability fix information related to the selected vulnerability information is not queried in the database, no historical information may be displayed.
Alternatively, the vulnerability information operating area may include a plurality of trigger areas, and in response to selection of one or more items of vulnerability information, send a query request to the database, where the query request includes: and (5) vulnerability identification. And receiving information which is returned by the database and is related to each trigger area corresponding to the selected vulnerability information, and displaying the related information when one trigger area is triggered. If one or more of the trigger zones do not have relevant information, the trigger zone may be set to be non-triggerable.
In step S108, the historical vulnerability fix information related to the selected vulnerability information is displayed.
The historical vulnerability repair information includes: at least one of vulnerability cause information, taint tracking information, and solution information. The stain tracking information includes, for example, the explosion point of the vulnerability, source information, and the like. The vulnerability cause information and the solution information can be customized.
In some embodiments, under the condition that the historical vulnerability repair information related to the selected vulnerability information comprises a plurality of items, sorting and displaying the items of historical vulnerability repair information according to the sequence from small time difference to large time difference between the creation time and the current time; or, the historical vulnerability repair information items are sorted and displayed in the order of the use frequency from large to small, and the method is not limited to the example. Under the condition that the historical vulnerability repair information related to the selected vulnerability information comprises a plurality of items, the historical vulnerability repair information selected by a user and used for the current vulnerability repair can be received, the historical vulnerability repair information can be selected by clicking, inputting and the like, the corresponding use times of the historical vulnerability repair information in the database are increased once, and the use frequency of each item of historical vulnerability repair information can be determined according to records in the database. The user can also score the historical vulnerability repair information, and the historical vulnerability repair information is sorted and displayed according to the average score from high to low.
In the above embodiment, the vulnerability information obtained after the source code is audited is displayed, the selected vulnerability information operation area is displayed in response to the selection of one or more items of vulnerability information, the operation area includes the historical repair information trigger area, and the historical vulnerability repair information related to the selected vulnerability information is obtained and displayed through the triggering of the historical repair information trigger area. In the embodiment, the functions of the code auditing software are extended, and the trigger area and the display function of the historical repair information are added, so that the historical repair information can be acquired by one key and used as the reference of the current bug repair. The same vulnerability-based repairing method has relevance and similarity, and the repairing efficiency of the vulnerability can be improved through historical repairing information.
Further embodiments of the disclosed vulnerability handling methods are described below in conjunction with fig. 2.
Fig. 2 is a flowchart of another embodiment of the vulnerability processing method of the present disclosure. As shown in fig. 2, the method of this embodiment further includes: steps S202 to S206.
In step S202, a new repair information trigger area is displayed.
And displaying a newly-built repairing information trigger area in the operating area of the vulnerability information. The user can create the repair information under the condition that the historical repair information does not exist, and can also create the repair information under the condition that the difference between the current repair and the historical repair information is large.
In step S204, in response to the triggering of the new repair information trigger area, the input repair information is received.
In response to the triggering of the newly created repair information trigger area, a repair information input area may be displayed, and the input repair information may be received.
In step S206, the input repair information and the corresponding vulnerability information are stored in association with each other.
In some embodiments, a write-in request is sent to a database, the write-in request includes input repair information and corresponding vulnerability identification of the vulnerability information, and the database stores the input repair information and the corresponding vulnerability identification of the vulnerability information in an associated manner; and receiving and displaying the writing result returned by the database. And automatically acquired information such as stain tracking information and the like can be used as input repair information to automatically add a write-in request, and the input repair information is sent to the database and the corresponding vulnerability identification of the vulnerability information to be stored in an associated manner.
In some embodiments, the user may also modify historical vulnerability fix information. Responding to the trigger of a modification trigger area corresponding to one item of historical vulnerability repair information (for example, a modification key is arranged after each item of historical vulnerability repair information), and displaying the historical vulnerability repair information in an editable mode; and receiving the modified information, and performing associated storage on the modified historical vulnerability repair information and the corresponding vulnerability information. For example, a modification request is sent to a database, the modification request comprises modified historical vulnerability repair information and vulnerability identification of corresponding vulnerability information, and the database stores the modified historical vulnerability repair information and the vulnerability identification of the corresponding vulnerability information in an associated manner; and receiving and displaying the modification result returned by the database.
In some embodiments, the user may also delete historical vulnerability fix information. And in response to the trigger of the deletion trigger area corresponding to one piece of historical vulnerability repair information (for example, a deletion key is set after each piece of historical vulnerability repair information), deleting the corresponding piece of historical vulnerability repair information. For example, a deletion request is sent to a database, the modification request comprises a corresponding vulnerability identification and an identification of historical vulnerability repair information, and the database deletes the vulnerability identification and the identification of the historical vulnerability repair information and deletes the corresponding historical vulnerability repair information; and receiving and displaying a deletion result returned by the database.
In some embodiments, the database may perform lifecycle management on historical vulnerability fix information. For example, the historical vulnerability fix information stored for more than a preset time is deleted. Or deleting the historical vulnerability repair information with the use frequency lower than the threshold value in the preset time period.
According to the method of the embodiment, functions of creating and deleting the repair information are added to the code auditing software, so that the accumulation, sharing and management of the repair information are realized, and the bug repair efficiency is improved.
The present disclosure also provides a vulnerability handling apparatus, which is described below in conjunction with fig. 3.
Fig. 3 is a block diagram of some embodiments of the disclosed vulnerability processing apparatus. As shown in fig. 3, the apparatus 30 of this embodiment includes: an information acquisition module 310 and a display module 320.
The information acquisition module 310 is configured to acquire vulnerability information obtained after the source code is audited; and responding to the trigger of the historical repairing information trigger area, and acquiring historical vulnerability repairing information related to the selected vulnerability information.
In some embodiments, the information obtaining module 310 is configured to, in response to the trigger of the historical repair information trigger area, obtain a vulnerability identification corresponding to the selected vulnerability information; sending a query request to a database, the query request comprising: vulnerability identification; and receiving historical vulnerability repair information which is returned by the database and is related to the selected vulnerability information.
The display module 320 is used for displaying the vulnerability information; responding to the selection of one or more items of vulnerability information, and displaying a selected vulnerability information operation area, wherein the operation area comprises a historical repair information trigger area; and displaying the historical vulnerability repair information related to the selected vulnerability information.
In some embodiments, the display module 320 is further configured to display the new repair information trigger area. The apparatus 30 further comprises: the information receiving module 330 is configured to receive the input repair information in response to the triggering of the newly created repair information trigger area. The storage module 340 is configured to perform associated storage on the input repair information and the corresponding vulnerability information.
In some embodiments, the storage module 340 is configured to send a write request to the database, where the write request includes the input repair information and the corresponding vulnerability identifier of the vulnerability information, so that the database stores the input repair information and the corresponding vulnerability identifier of the vulnerability information in an associated manner; and receiving a writing result returned by the database. The display module 320 is further configured to display a writing result returned by the database.
In some embodiments, the display module 320 is further configured to, when the historical vulnerability repair information related to the selected vulnerability information includes multiple items, sort and display the items of historical vulnerability repair information according to a descending order of a time difference between the creation time and the current time; or sequencing and displaying the historical vulnerability repair information according to the sequence of the use frequency from large to small.
In some embodiments, the historical vulnerability fix information includes: at least one of vulnerability cause information, taint tracking information, and solution information.
The vulnerability processing apparatuses in the embodiments of the present disclosure may each be implemented by various computing devices or computer systems, which are described below in conjunction with fig. 4 and 5.
Fig. 4 is a block diagram of some embodiments of the disclosed vulnerability processing apparatus. As shown in fig. 4, the apparatus 40 of this embodiment includes: a memory 410 and a processor 420 coupled to the memory 410, the processor 420 configured to execute the vulnerability processing method in any of the embodiments of the present disclosure based on instructions stored in the memory 410.
Memory 410 may include, for example, system memory, fixed non-volatile storage media, and the like. The system memory stores, for example, an operating system, an application program, a Boot Loader (Boot Loader), a database, and other programs.
Fig. 5 is a block diagram of another embodiment of the vulnerability processing apparatus according to the present disclosure. As shown in fig. 5, the apparatus 50 of this embodiment includes: memory 510 and processor 520 are similar to memory 410 and processor 420, respectively. An input output interface 530, a network interface 540, a storage interface 550, and the like may also be included. These interfaces 530, 540, 550 and the connections between the memory 510 and the processor 520 may be, for example, via a bus 560. The input/output interface 530 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 540 provides a connection interface for various networking devices, such as a database server or a cloud storage server. The storage interface 550 provides a connection interface for external storage devices such as an SD card and a usb disk.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only exemplary of the present disclosure and is not intended to limit the present disclosure, so that any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.

Claims (14)

1. A vulnerability handling method, comprising:
acquiring and displaying vulnerability information obtained after auditing source codes;
responding to the selection of one or more items of vulnerability information, and displaying a selected vulnerability information operation area, wherein the operation area comprises a historical repair information trigger area;
responding to the trigger of the historical repairing information trigger area, and acquiring historical vulnerability repairing information related to the selected vulnerability information;
and displaying the historical vulnerability repair information related to the selected vulnerability information.
2. The vulnerability processing method of claim 1, wherein,
the obtaining historical vulnerability repair information related to the selected vulnerability information in response to the triggering of the historical repair information trigger area comprises:
responding to the trigger of the historical repair information trigger area, and acquiring vulnerability identification corresponding to the selected vulnerability information;
sending a query request to a database, the query request comprising: the vulnerability identification;
and receiving historical vulnerability repair information which is returned by the database and is related to the selected vulnerability information.
3. The vulnerability processing method of claim 1, further comprising:
displaying a newly-built repair information trigger area;
responding to the triggering of the newly-built repairing information triggering area, and receiving input repairing information;
and performing associated storage on the input repair information and the corresponding vulnerability information.
4. The vulnerability processing method of claim 3, wherein,
the associating and storing the input repairing scheme and the corresponding vulnerability information comprises:
sending a write-in request to a database, wherein the write-in request comprises input repair information and corresponding vulnerability identification of the vulnerability information, so that the database stores the input repair information and the corresponding vulnerability identification of the vulnerability information in an associated manner;
and receiving and displaying the writing result returned by the database.
5. The vulnerability processing method of claim 1, wherein,
the displaying of the historical vulnerability fix information related to the selected vulnerability information includes:
under the condition that the historical vulnerability repair information related to the selected vulnerability information comprises a plurality of items, sequencing and displaying the various items of historical vulnerability repair information according to the sequence from small to large of the time difference between the creation time and the current time; or sequencing and displaying the historical vulnerability repair information according to the sequence of the use frequency from large to small.
6. The vulnerability processing method of any of claims 1-5,
the historical vulnerability fix information includes: at least one of vulnerability cause information, taint tracking information, and solution information.
7. A vulnerability processing apparatus, comprising:
the information acquisition module is used for acquiring vulnerability information obtained after auditing the source code; responding to the trigger of the historical repairing information trigger area, and acquiring historical vulnerability repairing information related to the selected vulnerability information;
the display module is used for displaying the vulnerability information; responding to the selection of one or more items of vulnerability information, and displaying a selected vulnerability information operation area, wherein the operation area comprises a historical repair information trigger area; and displaying the historical vulnerability repair information related to the selected vulnerability information.
8. The vulnerability processing apparatus of claim 7, wherein,
the information acquisition module is used for responding to the trigger of the historical repair information trigger area and acquiring a vulnerability identification corresponding to the selected vulnerability information; sending a query request to a database, the query request comprising: the vulnerability identification; and receiving historical vulnerability repair information which is returned by the database and is related to the selected vulnerability information.
9. The vulnerability processing apparatus of claim 7, wherein,
the display module is also used for displaying the newly-built repairing information trigger area;
the device further comprises:
the information receiving module is used for responding to the triggering of the newly-built repairing information triggering area and receiving input repairing information;
and the storage module is used for performing associated storage on the input repair information and the corresponding vulnerability information.
10. The vulnerability processing apparatus of claim 9, wherein,
the storage module is used for sending a write-in request to a database, wherein the write-in request comprises input repair information and corresponding vulnerability identification of the vulnerability information, so that the database stores the input repair information and the corresponding vulnerability identification of the vulnerability information in an associated manner; receiving a writing result returned by the database;
the display module is also used for displaying the writing result returned by the database.
11. The vulnerability processing apparatus of claim 7, wherein,
the display module is further used for sequencing and displaying various historical vulnerability repair information according to the sequence from small to large of the time difference between the creation time and the current time under the condition that the historical vulnerability repair information related to the selected vulnerability information comprises a plurality of items; or sequencing and displaying the historical vulnerability repair information according to the sequence of the use frequency from large to small.
12. The vulnerability processing apparatus of any of claims 7-11, wherein,
the historical vulnerability fix information includes: at least one of vulnerability cause information, taint tracking information, and solution information.
13. A vulnerability processing apparatus, comprising:
a processor; and
a memory coupled to the processor for storing instructions that, when executed by the processor, cause the processor to perform the vulnerability handling method of any of claims 1-6.
14. A non-transitory computer readable storage medium having stored thereon a computer program, wherein the program when executed by a processor implements the steps of the method of any one of claims 1-6.
CN201911003120.6A 2019-10-22 2019-10-22 Vulnerability processing method and device and computer readable storage medium Pending CN112699372A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911003120.6A CN112699372A (en) 2019-10-22 2019-10-22 Vulnerability processing method and device and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911003120.6A CN112699372A (en) 2019-10-22 2019-10-22 Vulnerability processing method and device and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN112699372A true CN112699372A (en) 2021-04-23

Family

ID=75504459

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911003120.6A Pending CN112699372A (en) 2019-10-22 2019-10-22 Vulnerability processing method and device and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN112699372A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113162936A (en) * 2021-04-25 2021-07-23 亿次网联(杭州)科技有限公司 Method and system for preventing abnormal dynamic analysis

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113162936A (en) * 2021-04-25 2021-07-23 亿次网联(杭州)科技有限公司 Method and system for preventing abnormal dynamic analysis
CN113162936B (en) * 2021-04-25 2023-04-07 亿次网联(杭州)科技有限公司 Method and system for preventing abnormal dynamic analysis

Similar Documents

Publication Publication Date Title
US10990511B2 (en) Apparatus and application interface traversing method
US11507256B2 (en) Updating data records by adding editing functions to non-editable display elements
US11023533B2 (en) Node task data display method and apparatus, storage medium and computer equipment
CN108399124B (en) Application testing method and device, computer equipment and storage medium
US8650136B2 (en) Text classification with confidence grading
CN109766142B (en) Method for customizing user interface, self-service terminal equipment, server and storage medium
EP2677451A2 (en) License verification method and apparatus, and computer readable storage medium storing program therefor
CN104461723A (en) Process control method, device and system
CN107430590B (en) System and method for data comparison
CN112699372A (en) Vulnerability processing method and device and computer readable storage medium
CN112363814A (en) Task scheduling method and device, computer equipment and storage medium
CN112396314A (en) Task allocation method and device, electronic equipment and storage medium
CN107341105A (en) Information processing method, terminal and server
US20110161304A1 (en) Deployment and compliance manager
CN110727576A (en) Web page testing method, device, equipment and storage medium
AU2016408336B2 (en) Systems and methods for data evaluation and classification
US11481517B2 (en) System and method for determining permission profiles for computer executable functions
CN113867715A (en) Page bottom bar configuration method, device, equipment and storage medium
US20190163736A1 (en) Identifying attributes associated with an entity using natural language processing
CN114281688A (en) Codeless or low-code automatic case management method and device
WO2018033779A1 (en) Identifying attributes associated with an entity using natural language processing
CN106293897B (en) Automatic scheduling system of subassembly
CN116483735B (en) Method, device, storage medium and equipment for analyzing influence of code change
US9223462B1 (en) Configuration of embedded intelligence
CN115858319B (en) Stream data processing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination