From 14aa6e2d1a0a4933f1d26c181215487bf25c6cf4 Mon Sep 17 00:00:00 2001
From: chrisr3d <chris.studer.68@gmail.com>
Date: Thu, 1 Oct 2020 22:44:39 +0200
Subject: [PATCH] fix: [cve_advanced] Avoiding potential MISP object references
 issues

- Adding objects as dictionaries in an event may
  cause issues in some cases. It is better to pass
  the MISP object as is, as it is already a valid
  object since the MISPObject class is used
---
 misp_modules/modules/expansion/cve_advanced.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/misp_modules/modules/expansion/cve_advanced.py b/misp_modules/modules/expansion/cve_advanced.py
index cd36655..d15711f 100644
--- a/misp_modules/modules/expansion/cve_advanced.py
+++ b/misp_modules/modules/expansion/cve_advanced.py
@@ -56,7 +56,7 @@ class VulnerabilityParser():
                         value = value['title']
                     vulnerability_object.add_attribute(relation, **{'type': attribute_type, 'value': value})
         vulnerability_object.add_reference(self.attribute['uuid'], 'related-to')
-        self.misp_event.add_object(**vulnerability_object)
+        self.misp_event.add_object(vulnerability_object)
         if 'cwe' in self.vulnerability and self.vulnerability['cwe'] not in ('Unknown', 'NVD-CWE-noinfo'):
             self.__parse_weakness(vulnerability_object.uuid)
         if 'capec' in self.vulnerability:
@@ -79,7 +79,7 @@ class VulnerabilityParser():
             for related_weakness in capec['related_weakness']:
                 attribute = dict(type='weakness', value="CWE-{}".format(related_weakness))
                 capec_object.add_attribute('related-weakness', **attribute)
-            self.misp_event.add_object(**capec_object)
+            self.misp_event.add_object(capec_object)
             self.references[vulnerability_uuid].append(dict(referenced_uuid=capec_object.uuid,
                                                             relationship_type='targeted-by'))
 
@@ -95,7 +95,7 @@ class VulnerabilityParser():
                     for feature, relation in self.weakness_mapping.items():
                         if cwe.get(feature):
                             weakness_object.add_attribute(relation, **dict(type=attribute_type, value=cwe[feature]))
-                    self.misp_event.add_object(**weakness_object)
+                    self.misp_event.add_object(weakness_object)
                     self.references[vulnerability_uuid].append(dict(referenced_uuid=weakness_object.uuid,
                                                                     relationship_type='weakened-by'))
                     break