def _cve_db_information(self):
"""
:return:more information about the current databases in use and when it was updated
"""
db_info_url = '{}'.format(self.CVE_BASE_URL.format('dbInfo'))
return make_rest_api_get_call(db_info_url,
self.opts,
self.options,
api_call='db')
def _get_specific_cve_data(self, cve_id=None):
"""
:param cve_id: Specific CVE ID
:return:a JSON of a specific CVE ID
"""
if cve_id:
specific_cve_url = '{}/{}'.format(self.CVE_BASE_URL.format('cve'), cve_id)
return make_rest_api_get_call(specific_cve_url, self.opts, self.options, api_call='cve')
else:
raise FunctionError("Please Specify the CVE ID to search for Vulnerability")
def _browse_cve_api(self, vendor_name=None):
"""
:param vendor_name: Vendor Name to search for Vulnerabilities from CVE DB
:return: if vendor_name=None then returns JSON with all the vendors, otherwise JSON with all the products
associated to a vendor
"""
if vendor_name:
browse_api = '{}/{}'.format(self.CVE_BASE_URL.format('browse'), vendor_name)
else:
browse_api = self.CVE_BASE_URL.format('browse')
return make_rest_api_get_call(browse_api, api_call='browse')
def _search_cve_api(self, vendor_name=None, product=None):
"""
:param vendor_name: Name of the Vendor
:param product: Name of the Product
:return:JSON with all the vulnerabilities as per vendor and product
"""
if vendor_name is not None and product is not None:
search_api = '{}/{}/{}'.format(self.CVE_BASE_URL.format('search'), vendor_name, product)
elif vendor_name is not None and product is None:
search_api = '{}/{}'.format(self.CVE_BASE_URL.format('search'), vendor_name)
elif vendor_name is None and product is not None:
search_api = '{}/{}'.format(self.CVE_BASE_URL.format('search'), product)
return make_rest_api_get_call(search_api, self.opts, self.options, api_call='search')
def selftest_function(opts):
"""
Placeholder for selftest function. An example use would be to test package api connectivity.
Suggested return values are be unimplemented, success, or failure.
"""
# Reading configuration variables from app.config file
options = opts.get("fn_cve_search", {})
try:
url = "/".join((options.get('cve_base_url'), 'last'))
_response = make_rest_api_get_call(url, opts, options)
return {"state": "Success"}
except Exception as e:
log.info("Failed Connection to CVE Database Error - {}".format(e))
return {"state": "Failed", "reason": str(e)}
def _last_30_cves(self):
"""
:return:a JSON of the last 30 CVEs including CAPEC, CWE and CPE expansions
"""
last_url = '{}'.format(self.CVE_BASE_URL.format('last'))
return make_rest_api_get_call(last_url, self.opts, self.options, api_call='last')