Skip to content

Fix cross-scanner deduplication endpoint parsing (#10215) #13964

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
valentijnscholten wants to merge 1 commit into
base: bugfix
Choose a base branch
from
Open

Fix cross-scanner deduplication endpoint parsing (#10215) #13964

valentijnscholten wants to merge 1 commit into from
+12 −1

Conversation

@valentijnscholten
Copy link
Member

@valentijnscholten valentijnscholten commented Dec 22, 2025
edited
Loading

Description

Fix incorrect endpoint parsing when endpoints lack a protocol (scheme) during cross-scanner deduplication.

Problem

When endpoints are converted to strings without a protocol, hyperlink.parse() misinterprets the hostname as the scheme, causing deduplication to fail for identical endpoints.

Example: An endpoint string 10.20.197.218:6379 (without protocol) gets parsed incorrectly, where 10.20.197.218 is treated as the scheme instead of the host.

Solution

Normalize endpoint strings by prepending // if :// is missing before parsing with hyperlink.parse(). This replicates the behavior already used in dojo/endpoint/utils.py line 265.

Fixes #10215

@valentijnscholten
Fix cross-scanner deduplication endpoint parsing (DefectDojo#10215)
8dfdb09 
Fix incorrect endpoint parsing when endpoints lack a protocol (scheme).
When endpoints are converted to strings without a protocol, hyperlink.parse()
misinterprets the hostname as the scheme, causing deduplication to fail.

This fix normalizes endpoint strings by prepending '//' if '://' is missing,
replicating the behavior from dojo/endpoint/utils.py line 265.

Fixes DefectDojo#10215
@valentijnscholten valentijnscholten mentioned this pull request Dec 22, 2025
Closed
@valentijnscholten valentijnscholten linked an issue Dec 22, 2025 that may be closed by this pull request
cross-scanner deduplication incorrect endpoint parsing #10215
Closed
@valentijnscholten valentijnscholten added this to the 2.53.5 milestone Dec 22, 2025
mtesauro
mtesauro approved these changes Dec 23, 2025
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtesauro mtesauro mtesauro approved these changes

@Maffooch Maffooch Maffooch approved these changes

@Jino-T Jino-T Awaiting requested review from Jino-T

@blakeaowens blakeaowens Awaiting requested review from blakeaowens

At least 4 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

2.53.5

Development

Successfully merging this pull request may close these issues.

cross-scanner deduplication incorrect endpoint parsing

3 participants

@valentijnscholten @mtesauro @Maffooch