[
  {
    "vulnerability_id": "VULN-001",
    "affected_files": [
      "database.py",
      "models.py",
      "api.py"
    ],
    "code_samples": {
      "before": "\nquery = f\"SELECT * FROM users WHERE id = {user_id}\"\n\n",
      "after": "\nimport sqlite3\nquery = \"SELECT * FROM users WHERE id = ?\"\ncursor.execute(query, (user_id,))\n            "
    },
    "configuration_changes": [
      "Implement multi-factor authentication",
      "Set session timeout to 15 minutes",
      "Enable account lockout after 5 failed attempts"
    ],
    "validation_steps": [
      "Unit test the specific fix",
      "Integration test with affected systems",
      "Security scan to verify vulnerability is resolved",
      "Performance impact assessment",
      "Documentation update"
    ],
    "rollback_plan": [
      "Create system backup before applying fix",
      "Document all configuration changes",
      "Test rollback procedure in staging environment",
      "Monitor system for 24 hours after fix",
      "Have emergency contact procedures ready"
    ]
  },
  {
    "vulnerability_id": "VULN-002",
    "affected_files": [
      "templates/",
      "static/js/",
      "views.py"
    ],
    "code_samples": {
      "before": "\nreturn f\"<h1>Welcome {user_input}</h1>\"\n\n",
      "after": "\nimport html\nreturn f\"<h1>Welcome {html.escape(user_input)}</h1>\"\n            "
    },
    "configuration_changes": [
      "Review security configurations related to the vulnerability"
    ],
    "validation_steps": [
      "Unit test the specific fix",
      "Integration test with affected systems",
      "Security scan to verify vulnerability is resolved",
      "Performance impact assessment",
      "Documentation update"
    ],
    "rollback_plan": [
      "Create system backup before applying fix",
      "Document all configuration changes",
      "Test rollback procedure in staging environment",
      "Monitor system for 24 hours after fix",
      "Have emergency contact procedures ready"
    ]
  },
  {
    "vulnerability_id": "VULN-003",
    "affected_files": [
      "Specific files not identified; multiple files may be affected"
    ],
    "code_samples": {
      "before": "\ndef validate_password(password):\n    return len(password) > 6\n\n",
      "after": "\nimport re\ndef validate_password(password):\n    return (len(password) >= 12 and \n            re.search(r'[A-Z]', password) and\n            re.search(r'[a-z]', password) and\n            re.search(r'\\d', password) and\n            re.search(r'[!@#$%^&*]', password))\n            "
    },
    "configuration_changes": [
      "Review security configurations related to the vulnerability"
    ],
    "validation_steps": [
      "Unit test the specific fix",
      "Integration test with affected systems",
      "Security scan to verify vulnerability is resolved",
      "Performance impact assessment",
      "Documentation update"
    ],
    "rollback_plan": [
      "Create system backup before applying fix",
      "Document all configuration changes",
      "Test rollback procedure in staging environment",
      "Monitor system for 24 hours after fix",
      "Have emergency contact procedures ready"
    ]
  }
]