Skip to content

Much more finding count in metrics in 'Top 10 Products by bug severity' than expected #12248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
1 of 3 tasks
sachas2 opened this issue Apr 15, 2025 · 5 comments
Open
1 of 3 tasks

Much more finding count in metrics in 'Top 10 Products by bug severity' than expected #12248

sachas2 opened this issue Apr 15, 2025 · 5 comments
Labels
bug

Comments

@sachas2
Copy link

sachas2 commented Apr 15, 2025

Bug description
The number of every category of finding in the 'Top 10 Products by bug security' metrics is irrelevant. There is way too much vulnerabilities found.

Steps to reproduce
Steps to reproduce the behavior:

  1. Go to Product Type Metrics
  2. Scroll down to 'Top 10 Products by bug severity' in the Metric counts
  3. See the problem (if you also have it)

Expected behavior
A relevant fetched data.

Deployment method (select with an X)

  • Docker Compose
  • Kubernetes
  • GoDojo

Environment information

  • Operating System: Kali-Linux on 5.15.167.4-microsoft-standard-WSL2
  • Docker Compose: 26.1.5
  • DefectDojo version: 2.45.0

Screenshots

Image

Image

Adding one:
Image

Successfully duplicate one finding
Image

Metrics gone crazy:

Image
@sachas2 sachas2 added the bug label Apr 15, 2025
@valentijnscholten
Copy link
Member

Are you saying they are irrelevant because there are too much findings? Or are you saying the counts are incorrect?

@valentijnscholten
Copy link
Member

Locally on my instance the counts look correct, but I can also see that on the demo instance the counts are incorrect: https://demo.defectdojo.org/metrics/product/type vs https://demo.defectdojo.org/product/1
Thank you for reporting this.

@sachas2
Copy link
Author

sachas2 commented Apr 15, 2025

Hello
Sorry I should have added more details

There is much more finding that it actually is. Also the count of false
I did not import million of findings

Is there something I misunderstood about this metrics ?

@sachas2
Copy link
Author

sachas2 commented Apr 15, 2025

Also as you can see when I add one finding, it actually add a lot more, I did not count but it's not the expected behavior

@valentijnscholten valentijnscholten changed the title Not relevant metrics in 'Top 10 Products by bug severity' Incorrect metrics in 'Top 10 Products by bug severity' Apr 15, 2025
@valentijnscholten
Copy link
Member

valentijnscholten commented Apr 15, 2025
edited
Loading

Updated the issue title to make it more clear.

@sachas2 sachas2 changed the title Incorrect metrics in 'Top 10 Products by bug severity' Much more finding in metrics in 'Top 10 Products by bug severity' than expected Apr 15, 2025
@sachas2 sachas2 changed the title Much more finding in metrics in 'Top 10 Products by bug severity' than expected Much more finding count in metrics in 'Top 10 Products by bug severity' than expected Apr 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@valentijnscholten @sachas2
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy