diff --git a/vulnerabilities/api.py b/vulnerabilities/api.py index d994b297d..f6dbdb313 100644 --- a/vulnerabilities/api.py +++ b/vulnerabilities/api.py @@ -635,7 +635,7 @@ class VulnerabilityViewSet(viewsets.ReadOnlyModelViewSet): Lookup for vulnerabilities affecting packages. """ - queryset = Vulnerability.objects.all() + queryset = Vulnerability.objects.all().order_by('-vulnerability_id') def get_fixed_packages_qs(self): """ @@ -703,7 +703,7 @@ class CPEViewSet(VulnerabilityViewSet): queryset = Vulnerability.objects.filter( vulnerabilityreference__reference_id__startswith="cpe" - ).distinct() + ).distinct().order_by('-vulnerability_id') filterset_class = CPEFilterSet @@ -723,7 +723,7 @@ def bulk_search(self, request): return Response(status=400, data={"Error": f"Invalid CPE: {cpe}"}) vulnerabilitiesResponse = Vulnerability.objects.filter( vulnerabilityreference__reference_id__in=cpes - ).distinct() + ).distinct().order_by('-vulnerability_id') return Response( VulnerabilitySerializer( vulnerabilitiesResponse, many=True, context={"request": request} diff --git a/vulnerabilities/api_extension.py b/vulnerabilities/api_extension.py index 01d98ca99..2b776bc99 100644 --- a/vulnerabilities/api_extension.py +++ b/vulnerabilities/api_extension.py @@ -339,7 +339,7 @@ class VulnerabilityViewSet(viewsets.ReadOnlyModelViewSet): Lookup for vulnerabilities by id. """ - queryset = Vulnerability.objects.all() + queryset = Vulnerability.objects.all().order_by('-vulnerability_id') serializer_class = V2VulnerabilitySerializer lookup_field = "vulnerability_id" filter_backends = (filters.DjangoFilterBackend,) @@ -377,7 +377,7 @@ class CPEViewSet(viewsets.ReadOnlyModelViewSet): queryset = Vulnerability.objects.filter( vulnerabilityreference__reference_id__startswith="cpe" - ).distinct() + ).distinct().order_by('-vulnerability_id') serializer_class = V2VulnerabilitySerializer filter_backends = (filters.DjangoFilterBackend,) throttle_classes = [PermissionBasedUserRateThrottle] @@ -397,7 +397,7 @@ def bulk_search(self, request): for cpe in cpes: if not cpe.startswith("cpe"): return Response(status=400, data={"Error": f"Invalid CPE: {cpe}"}) - qs = Vulnerability.objects.filter(vulnerabilityreference__reference_id__in=cpes).distinct() + qs = Vulnerability.objects.filter(vulnerabilityreference__reference_id__in=cpes).distinct().order_by('-vulnerability_id') return Response(V2VulnerabilitySerializer(qs, many=True, context={"request": request}).data) @@ -415,7 +415,7 @@ class AliasViewSet(viewsets.ReadOnlyModelViewSet): (https://nvd.nist.gov/general/cve-process). """ - queryset = Vulnerability.objects.all() + queryset = Vulnerability.objects.all().order_by('-vulnerability_id') serializer_class = V2VulnerabilitySerializer filter_backends = (filters.DjangoFilterBackend,) filterset_class = AliasFilterSet diff --git a/vulnerabilities/api_v2.py b/vulnerabilities/api_v2.py index 74975b819..18e4fdb03 100644 --- a/vulnerabilities/api_v2.py +++ b/vulnerabilities/api_v2.py @@ -230,7 +230,7 @@ def get_url(self, obj): ) ) class VulnerabilityV2ViewSet(viewsets.ReadOnlyModelViewSet): - queryset = Vulnerability.objects.all() + queryset = Vulnerability.objects.all().order_by('-vulnerability_id') serializer_class = VulnerabilityV2Serializer lookup_field = "vulnerability_id" throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle] @@ -487,7 +487,7 @@ class PackageV2ViewSet(viewsets.ReadOnlyModelViewSet): queryset = Package.objects.all().prefetch_related( Prefetch( "affected_by_vulnerabilities", - queryset=Vulnerability.objects.prefetch_related("fixed_by_packages"), + queryset=Vulnerability.objects.prefetch_related("fixed_by_packages").order_by("-vulnerability_id"), to_attr="prefetched_affected_vulnerabilities", ) )