def getLastTeamVulns(cur, team, limit): return cvedb.getVulns(getCPENames(team), limit)
def getStatistics(cur, team): today=date.today() start=date(today.year, today.month,1) if today.month < 12: end=date(today.year, today.month+1,1) else: end=date(today.year+1, 1, 1) systems=[] for x in getGroupVulns(team): new=0 closed=0 oac=0 tickets=[] for cpe in [y["cpe"] for y in x["components"]]: tickets.extend([getTicket(cve, cpe, x["groupName"], team) for cve in [x["id"] for x in cvedb.getVulns([cpe], 0)]]) for ticket in tickets: opened=False for action in ticket.history: aDate=date(action["time"].year, action["time"].month, action["time"].day) if "status" in action and aDate >= start and aDate < end: if action["status"] == _DEFAULT_STATUS_TEXT: new+=1 opened=True elif action["status"].lower().startswith("closed"): if opened: oac+=1 new-=1 else: closed+=1 systems.append({"systems":x["groupName"], "new": new, "closed": closed, "openedAndClosed":oac}) return systems
def getVulnsForSystem(cur, groupName, systemTeam, cpes=None): if type(cpes) is not list and cpes:cpes=[cpes] if not cpes: cur.execute("""SELECT name FROM Components WHERE id IN ( SELECT component_id FROM Components_in_System_Group WHERE system_group_id IN ( SELECT id FROM System_Groups WHERE name = %s AND team_id IN ( SELECT id FROM Teams WHERE name = %s )));""",(groupName, systemTeam)) cpes=[x[0] for x in cur.fetchall()] # Get tickets for every cve for the vulnerable systems tickets=[] for cpe in cpes: tickets.extend([getTicket(cve, cpe, groupName, systemTeam) for cve in [x["id"] for x in cvedb.getVulns([cpe], 0)]]) tickets=[x for x in tickets if not x.status.lower().startswith("closed")] return tickets