def _get_cve_details(synopsis):
try:
data = (CveMetadata.select(CveImpact.name.alias('impact'), CveMetadata.cve.alias('synopsis'),
CveMetadata.description, CveMetadata.cvss2_metrics,
CveMetadata.cvss2_score, CveMetadata.cvss3_score,
CveMetadata.cvss3_metrics, CveMetadata.modified_date,
CveMetadata.public_date, CveMetadata.redhat_url,
CveMetadata.secondary_url, CveMetadata.id)
.join(CveImpact, on=(CveMetadata.impact_id == CveImpact.id))
.where(CveMetadata.cve == synopsis)).dicts()[0]
rules_map = get_rules_for_cves([data['id']])
return {
"cvss2_metrics": str_or_none(data['cvss2_metrics']),
"cvss2_score": str_or_none(data['cvss2_score']),
"cvss3_metrics": str_or_none(data['cvss3_metrics']),
"cvss3_score": str_or_none(data['cvss3_score']),
"description": data['description'],
"impact": data['impact'],
"public_date": format_datetime(data['public_date']),
"modified_date": format_datetime(data['modified_date']),
"redhat_url": data['redhat_url'],
"rules": rules_map.get(data['id'], []),
"secondary_url": data['secondary_url'],
"synopsis": data['synopsis'],
}
except IndexError:
raise ApplicationException('No such CVE ID', 404)
def _get_cve_details(synopsis, args):
try:
data = (CveMetadata.select(
CveImpact.name.alias('impact'),
CveMetadata.cve.alias('synopsis'), CveMetadata.description,
CveMetadata.cvss2_metrics, CveMetadata.cvss2_score,
CveMetadata.cvss3_score, CveMetadata.cvss3_metrics,
CveMetadata.modified_date, CveMetadata.celebrity_name,
CveMetadata.public_date, CveMetadata.redhat_url,
CveMetadata.secondary_url, CveMetadata.id,
CveMetadata.advisories_list, CveMetadata.exploits).join(
CveImpact,
on=(CveMetadata.impact_id == CveImpact.id)).where(
CveMetadata.cve == synopsis)).dicts()[0]
rules_map = get_rules_for_cves([data['id']],
connexion.context['user'])
retval = {
"celebrity_name": str_or_none(data['celebrity_name']),
"cvss2_metrics": str_or_none(data['cvss2_metrics']),
"cvss2_score": str_or_none(data['cvss2_score']),
"cvss3_metrics": str_or_none(data['cvss3_metrics']),
"cvss3_score": str_or_none(data['cvss3_score']),
"description": data['description'],
"impact": data['impact'],
"public_date": format_datetime(data['public_date']),
"modified_date": format_datetime(data['modified_date']),
"redhat_url": data['redhat_url'],
"rules": rules_map.get(data['id'], []),
"secondary_url": data['secondary_url'],
"synopsis": data['synopsis'],
"known_exploit": bool(data['exploits'])
}
advisories_list = [] if data.get(
'advisories_list') is None else data['advisories_list']
if 'show_advisories_details' in args and args[
'show_advisories_details'] is True and advisories_list:
retval["advisories_list"] = GetCves._patch_request_advisories(
advisories_list)
else:
retval["advisories_list"] = advisories_list
except IndexError as exc:
raise ApplicationException('No such CVE ID', 404) from exc
return retval