def test_get_cwes_details():
db.session.add(
Cwe(cwe_id="CWE-1", name="Name of CWE-1", description="Description of CWE-1")
)
db.session.add(
Cwe(cwe_id="CWE-2", name="Name of CWE-2", description="Description of CWE-2")
)
db.session.commit()
cwes = get_cwes_details(
[{"lang": "en", "value": "CWE-1"}, {"lang": "en", "value": "CWE-2"}]
)
assert cwes == {"CWE-1": "Name of CWE-1", "CWE-2": "Name of CWE-2"}
cwes = get_cwes_details(
[
{"lang": "en", "value": "CWE-1"},
{"lang": "en", "value": "CWE-1"},
{"lang": "en", "value": "CWE-2"},
]
)
assert cwes == {"CWE-1": "Name of CWE-1", "CWE-2": "Name of CWE-2"}
cwes = get_cwes_details([{"lang": "en", "value": "CWE-3"}])
assert cwes == {"CWE-3": None}
def cve(cve_id):
cve = CveController.get({"cve_id": cve_id})
vendors = convert_cpes(cve.json["configurations"])
cwes = get_cwes_details(
cve.json["cve"]["problemtype"]["problemtype_data"][0]["description"])
# Get the user tags
user_tags = []
if current_user.is_authenticated:
user_tags = UserTagController.list_items({"user_id": current_user.id})
# We have to pass an encoded list of tags for the modal box
cve_tags_encoded = json.dumps([t.name for t in cve.tags])
events = Event.query.filter_by(cve_id=cve.id).order_by(
Event.created_at.desc())
events_by_time = [(time, list(evs)) for time, evs in (
itertools.groupby(events, operator.attrgetter("created_at")))]
return render_template(
"cve.html",
cve=cve,
cve_dumped=json.dumps(cve.json),
vendors=vendors,
cwes=cwes,
user_tags=user_tags,
cve_tags_encoded=cve_tags_encoded,
events_by_time=events_by_time,
)
def cve(cve_id):
cve = CveController.get({"cve_id": cve_id})
vendors = convert_cpes(cve.json["configurations"])
cwes = get_cwes_details(
cve.json["cve"]["problemtype"]["problemtype_data"][0]["description"])
return render_template("cve.html",
cve=cve,
cve_dumped=json.dumps(cve.json),
vendors=vendors,
cwes=cwes)
def cve(cve_id):
q = Cve.query
# Search the CVE
cve = q.filter_by(cve_id=cve_id).first()
if not cve:
return redirect(url_for("main.cves"))
# Nested dict of vendors and their products
vendors = convert_cpes(cve.json["configurations"])
cwes = get_cwes_details(
cve.json["cve"]["problemtype"]["problemtype_data"][0]["description"])
return render_template("cve.html",
cve=cve,
cve_dumped=json.dumps(cve.json),
vendors=vendors,
cwes=cwes)