Analysis_Tools

🏷️ Badge & Modal System Reference

Overview

This comprehensive reference documents the complete badge and modal system for CVE analysis, organized into distinct categories serving different data scopes and user workflows. The system uses a consolidated modal architecture where related functionality is grouped into cohesive user experiences rather than scattered individual notifications.

System Organization:

• Platform Entry Badges: Row-scoped badges for individual CVE platform entries (JSON generation, data quality, etc.)
• CPE Base String Badges: CPE-scoped badges for specific CPE base strings (references, confirmed mappings, etc.)
• Individual Badges: Standalone notifications requiring immediate visibility
• Technical Implementation: Comprehensive system architecture and implementation details

---

📊 Reference Guide

Table Structure

Each table uses consistent columns to describe badge/modal functionality:

Column	Description
Badge Name	The visual badge text and modal category
Granular Check	Specific condition or data analysis performed
Tooltip or Tab Content Example	Tooltip text (hover) vs Tab content (click/view)
Root Cause Owner	Who addresses the underlying issue
Dev Handled	Processing status (✅ Automated, ❌ Manual, ℹ️ Informational)
Audiences	Target stakeholders (👤 Users, 🔧 Developers, 🗃️ Data Providers)

🎯 Modal vs Individual Badge Logic

Modal Badges (Consolidated Experience):

• Group related functionality into tabbed interfaces
• Provide detailed explanations with expandable content
• Used when information complexity benefits from organization

Individual Badges (Immediate Visibility):

• Critical issues requiring instant attention (🔴 Red badges)
• Quick status indicators (🟢 Confirmed Mappings count)
• Processing notifications (🟡 Has Version Changes)

👥 Audience Icons

• 👤 Tool Users: Understand data quality and processing results for vulnerability analysis
• 🔧 Tool Developers: Access debugging information and system analysis insights
• 🗃️ Source Data Providers: Receive feedback on CVE data quality for upstream assessment

---

🔍 Badge/Modal Analysis by Category

PLATFORM ENTRY BADGES (Row-Scoped Data)

Table 1: JSON Generation Rules Badge/Modal 🟡

Badge Name	Granular Check	Tooltip or Tab Content Example	Root Cause Owner	Dev Handled	Audiences
⚙️ JSON Generation Rules	Unified modal with up to 3 tabs	Tooltip: “JSON Generation Rules detected - Wildcard Generation + Update Pattern Detection (5 transformation(s)). Click for detailed examples.”	Tool Development	✅	👤🔧
→ Tab 1: All Versions Pattern	defaultStatus with no versions OR version: “” OR lessThanOrEqual: “”	Tab Content: INPUT/OUTPUT JSON transformations showing “defaultStatus: ‘affected’” → CPE base string with vulnerable: true	Tool Development	✅	👤🔧
→ Tab 2: Wildcard Generation	Wildcard patterns in version fields expand to ranges	Tab Content: INPUT/OUTPUT JSON showing “version: ‘2.’” → “versionStartIncluding: ‘2.0’, versionEndExcluding: ‘3.0’”*	Tool Development	✅	👤🔧
→ Tab 3: Update Pattern Detection	Version strings with update patterns normalize	Tab Content: INPUT/OUTPUT JSON showing “version: ‘3.3 Patch 1’” → “version: ‘3.3’, update: ‘patch1’”	Tool Development	✅	👤🔧

Table 2: Supporting Information Badge/Modal ⚫

Badge Name	Granular Check	Tooltip or Tab Content Example	Root Cause Owner	Dev Handled	Audiences
⚫ Supporting Information	Unified modal with up to 4 tabs	Tooltip: “Supporting Information available - Versions Array Details + CPE Base Strings Searched (3 item(s)). Click for detailed technical insights and debugging information.”	Tool Development	ℹ️	👤🔧
→ Tab 1: Versions Array Details	CVE Affected CPES Data + Versions Array Structure	Tab Content: Formatted display of “2 CPEs detected” with expandable CPE list + “5 version entries” with structured version array	Tool Development	ℹ️	👤🔧
→ Tab 2: CPE Base Strings Searched	CPE base string processing (used/culled counts)	Tab Content: “3 used, 1 culled” with expandable lists showing used CPE strings vs culled ones with reasons	Tool Development	ℹ️	👤🔧
→ Tab 3: Data Transformations	Source to CPE transformations (curation + unicode)	Tab Content: Table showing original→transformed pairs like “MongoDB Inc” → “mongodb”, “Café Server” → “Cafe Server”	Tool Development	✅	👤🔧
→ Tab 4: API Results	CPE API query results and error tracking	Tab Content: “5 successful, 2 errors” with expandable error details showing specific CPE strings and API error messages	Tool Development	ℹ️	👤🔧

Table 3: Source Data Concerns Badge/Modal 🟪

Badge Name	Granular Check	Tooltip or Tab Content Example	Root Cause Owner	Dev Handled	Audiences
🟪 🔍 Source Data Concerns (X)	Unified modal with up to 10 tabs	Tooltip: “Source data quality issues detected 5 issues: Placeholder Data, Version Text Patterns Click to view detailed LINT analysis”	External Source	❌	👤🔧🗃️
→ Tab 1: Placeholder Data Detected	Vendor/product placeholder values (n/a, -, etc.)	Tab Content: Field-by-field analysis showing “Vendor field contains placeholder value ‘n/a’ which prevents proper CPE matching”	External Source	❌	👤🗃️
→ Tab 2: Version Text Patterns	Text indicators + invalid characters in versions	Tab Content: Character validation showing “Invalid characters in version: <script> (chars: <, >, /) - prevents proper processing”	External Source	❌	👤🗃️
→ Tab 3: Comparator Patterns	Mathematical operators in version strings	Tab Content: Version analysis showing “Version ‘>= 1.0’ contains comparator ‘>=’ that prevents exact version matching”	External Source	❌	👤🗃️
→ Tab 4: Version Granularity	Inconsistent version part counts within same base	Tab Content: Granularity analysis showing “3.3: 2-part vs 3-part versions (3.3 Patch 2, 3.3.0)”	External Source	❌	👤🗃️
→ Tab 5: Wildcard Branches	Wildcard pattern routing validation	Tab Content: Wildcard analysis showing detected patterns and routing decisions	External Source	❌	👤🗃️
→ Tab 6: CPE Array Issues	Empty/malformed CPE arrays + format validation	Tab Content: CPE validation showing “Position 2: Invalid CPE format - missing ‘cpe:’ prefix”	External Source	❌	👤🗃️
→ Tab 7: Duplicate Entries	Duplicate row tracking and consolidation	Tab Content: Duplicate analysis showing “Identical platform appears at rows: [2, 5, 8]”	External Source	ℹ️	👤🗃️
→ Tab 8: Platform Data Issues	Misaligned vendor/product data patterns	Tab Content: Platform analysis showing “Unexpected Platforms data detected in affected entry”	External Source	❌	👤🗃️
→ Tab 9: Missing Affected Products	No products marked as affected/unknown	Tab Content: Product analysis showing “No products marked as ‘affected’ - verify at least one should be affected”	External Source	❌	👤🗃️
→ Tab 10: Overlapping Ranges	Version ranges overlap within same CPE Base String	Tab Content: Range analysis showing “IDENTICAL overlap: v1.0-v2.0 conflicts with v1.0-v2.0 (Row 5)” with consolidation suggestions	External Source	❌	👤🗃️

Table 4: Individual Platform Entry Badges (Non-Modal)

Badge Name	Granular Check	Tooltip or Tab Content Example	Root Cause Owner	Dev Handled	Audiences
🟢 Confirmed Mappings: X	Verified CPE base string mappings available	Tooltip: “Confirmed CPE mappings available (3): cpe:2.3:a:mongodb:compass:::::::: Less specific mappings filtered out: cpe:2.3:a:mongodb:::::::::”*	Tool Development	✅	👤🔧
🔴 git versionType	git versionType with version ranges (CRITICAL)	Tooltip: “CRITICAL: CPE Range Matching Logic does not currently support git versionTypes Detected in version range context”	Tool Development	❌	👤🔧
🟡 git versionType	git versionType without version ranges	Tooltip: “Versioning based on the git versionType is not advised for CPE Names, consider non-git versioning.”	Tool Development	❌	👤🔧
🔴 CVE Affects Product No Versions	No version information + not modal-only case	Tooltip: “No versions detected!” (or detailed version check information)	Tool Development	ℹ️	👤
🟡 Has Version Changes	Version changes/fixes processed	Tooltip: “Versions array contains change history information requiring special handling”	Tool Development	✅	👤🔧

CPE BASE STRING BADGES (CPE Base String-Scoped Data)

Table 5: CPE Reference & Provenance Badges/Modals 📋

Badge Name	Granular Check	Tooltip or Tab Content Example	Audiences
📋 CPE Base String References (X)	CPE provenance reference data modal	Tooltip: “CPE Base String References: 57 references found from NVD CPE API Click for detailed reference information”	👤
→ Dynamic Tabs by Reference Type	Reference data organized by type (Vendor, Product, Project, Version, etc.)	Tab Content: Each reference type gets its own tab showing URLs with frequency counts, compact display format, and external link functionality	👤

Table 6: CPE Analysis & Confirmation Badges/Modals 📈

Badge Name	Granular Check	Tooltip or Tab Content Example	Root Cause Owner	Dev Handled	Audiences
📈 Sorting Priority Context	Multi-tab CPE analysis modal	Tooltip: “Sorting Priority Context available - Statistics + Searches + Versions (4 item(s)). Click for detailed CPE analysis and matching insights.”	Tool Development	ℹ️	👤🔧
→ Tab 1: Confirmed Mapping	Verified CPE base string mapping by moderators	Tab Content: “✓ Confirmed Mapping - This CPE Base String has been verified as a Confirmed Mapping by CPE Moderators”	Tool Development	✅	👤🔧
→ Tab 2: CPE Statistics	Statistical analysis of CPE name matches	Tab Content: “CPE Base String –> CPE Name Matches (X entries)” with detailed match statistics and filtering information	Tool Development	ℹ️	👤🔧
→ Tab 3: Relevant Searches	CPE base string search patterns and results	Tab Content: Search query analysis showing patterns like “vendor:product” with match counts and relevance scores	Tool Development	ℹ️	👤🔧
→ Tab 4: Version Processing	Version-specific CPE processing details	Tab Content: Version analysis showing processing rules, transformations, and match generation details	Tool Development	ℹ️	👤🔧

---

🎯 Key Implementation Notes

Tooltip vs Tab Content Distinction

• Badge Tooltips: Appear on hover, provide summary information and issue counts
• Modal Tab Content: Displayed when badge is clicked and tab is selected, shows detailed structured information with expandable sections

Audience-Specific Value

👤 For Tool Users:

• Modal badges show data processing transparency with detailed explanations
• Color coding provides quick quality assessment at badge level
• Tab content explains specific issues and their impact on vulnerability analysis

🔧 For Tool Developers:

• All badges/tabs provide debugging insights into processing pipeline
• Modal structure reveals system architecture and data flow
• Error details support system analysis and troubleshooting

🗃️ For Source Data Providers:

• Source Data Concerns modal provides comprehensive LINT feedback
• Specific validation errors indicate data quality assessment requirements
• Tab organization supports prioritization of different types of data issues

Architecture Notes

• Modal Consolidation: Related functionality grouped into cohesive experiences rather than scattered individual badges
• Fail-Fast Design: Modals use strict error handling with immediate failure on data integrity issues
• Unified Case Detection: is_modal_only_case() function provides consistent logic across badge creation
• Tab-Based Organization: Complex information organized into logical tabs with expandable content sections

CPE Base String References Modal Technical Details

Implementation Approach:

• Simple Logic: The CPE Base String References modal uses straightforward tab generation
• Reference type sorting and frequency aggregation handled by generateTabsData() function
• Streamlined Processing: The modal logic focuses on reference display and organization

Data Structure:

{
  "Vendor": {
    "total_freq": 134,
    "refs": [
      {"url": "https://example.com/vendor-page", "count": 33},
      {"url": "https://another-vendor-link.com", "count": 25}
    ]
  },
  "Product": {
    "total_freq": 89,
    "refs": [
      {"url": "https://product-page.com", "count": 44}
    ]
  }
}

Tab Generation Process:

1. Reference Type Sorting: Predefined order (Vendor → Project → Product → Version → ChangeLog → Change Log → Advisory → Unknown)
2. Frequency-Based Secondary Sort: Within same priority level, sort by total frequency
3. Dynamic Tab Creation: Each reference type with data gets its own tab
4. Content Generation: generateReferenceTabContent() creates compact URL displays with frequency badges

Bootstrap Integration:

• Uses standard Bootstrap 5 tabbed modal interface
• Tab content areas have max-height: 250px with overflow-y: auto for scrollability
• Reference URLs truncated to 60 characters with “…” for compact display
• External link functionality with target="_blank"

---

⚙️ Technical Implementation Details

Modal Detection System

The badge system uses a two-tier detection approach implemented in the is_modal_only_case() function:

Tier 1 - Modal-Only Detection:

• Cases with only modal badges and no individual notifications
• Uses consolidated modal experience for complex data presentation
• Examples: Supporting Information modal, JSON Generation Rules modal

Tier 2 - Complex Cases:

• Mixed scenarios with both modal and individual badges
• Individual badges highlight critical issues requiring immediate attention
• Modals provide detailed analysis and debugging information

Vulnerable Flag Logic Implementation

The vulnerable flag determination follows a consistent pattern across the system:

// Centralized vulnerability determination (mirrors Python logic)
window.determineVulnerability = function(status) {
    return status === 'affected';
};

// Usage in CPE match generation
const isVulnerable = window.determineVulnerability(versionInfo.status);

Key Pattern: status === 'affected' → vulnerable: true mapping ensures consistent vulnerability assessment across all processing components.

Real CVE Pattern Examples

The system has been validated against production CVE data:

CVE-2024-20515 - Version Granularity Detection:

• Pattern Detected: "Inconsistent version granularity: 3.3: 2-part (3.3 Patch 2, 3.3 Patch 1), 3-part (3.3.0)"
• Implementation: Detects mixed version part counts within the same base version family
• Modal Tab: Source Data Concerns → Version Granularity

CVE-1337-99997 - Version Text Patterns:

• Patterns Detected: Beta, nightly, pre-release indicators in version strings
• Implementation: Identifies text-based version qualifiers that affect processing
• Modal Tab: Source Data Concerns → Version Text Patterns

Overlapping Ranges Detection:

• Pattern Detected: "IDENTICAL overlap: v1.0-v2.0 conflicts with v1.0-v2.0" for duplicate ranges within same CPE Base String
• Implementation: Semantic version comparison using packaging.version.parse() with field-based CPE grouping (vendor:product:platform:packagename:collectionurl)
• Modal Tab: Source Data Concerns → Overlapping Ranges

System Architecture Files

JavaScript Components:

• badge_modal_system.js: Client-side modal system with BadgeModalFactory and BadgeModalManager classes
• modular_rules.js: JSON generation rules processing with determineVulnerability function
• cpe_json_handler.js: CPE match generation and version processing logic

Python Components:

• badge_modal_system.py: Modal detection logic with is_modal_only_case function
• generateHTML.py: HTML generation pipeline with badge creation orchestration
• Badge data preparation and global state management

Template Integration:

• Bootstrap 5 modal framework for responsive UI
• Tabbed interface structure for complex data organization
• Global data storage via window.BADGE_MODAL_DATA

---

This reference documents the complete badge/modal system implementation as currently deployed.