def create(item: dict):
if '** REJECT **' not in CveFactory.summary(item):
old = CveDocument.search().filter(
'term', id=CveFactory.get_id(item)).sort(
'-last_modified_date')[0].execute()
if old.hits:
last_modified_date = old.hits[0].last_modified_date
else:
last_modified_date = None
if not last_modified_date or last_modified_date < CveFactory.last_modified_date(
item):
cve = CveDocument(id=CveFactory.get_id(item))
for field in CveDocument.get_fields_name():
parser = getattr(CveFactory, field, None)
if parser:
try:
setattr(cve, field, parser(item))
except Exception as err:
logging.debug(
F'cve id {cve.id}, field {field}, err {err}')
for cpe in CveFactory.get_cpe(item):
cve.cpe.append(cpe)
if old.hits and cve.has_changed(old.hits[0]):
return old.hits[0].update(cve, weak=True)
else:
return cve.save(weak=True)
return None
logging.info(F'cve id {CveFactory.get_id(item)} is rejected')
return None
def create_cve(cve_id='CVE-2017-0002', save=True) -> CveDocument:
cve = CveDocument(id=cve_id,
base_score_v2=6.8,
access_vector_v2=metrics.AccessVectorV2.NETWORK,
access_complexity_v2=metrics.AccessComplexityV2.MEDIUM,
authentication_v2=metrics.AuthenticationV2.NONE,
confidentiality_impact_v2=metrics.ImpactV2.PARTIAL,
integrity_impact_v2=metrics.ImpactV2.PARTIAL,
availability_impact_v2=metrics.ImpactV2.PARTIAL,
base_score_v3=8.8,
attack_vector_v3=metrics.AttackVectorV3.NETWORK,
attack_complexity_v3=metrics.AttackComplexityV3.LOW,
privileges_required_v3=metrics.PrivilegesRequiredV3.NONE,
user_interaction_v3=metrics.UserInteractionV3.REQUIRED,
scope_v3=metrics.ScopeV3.UNCHANGED,
confidentiality_impact_v3=metrics.ImpactV3.HIGH,
integrity_impact_v3=metrics.ImpactV3.HIGH,
availability_impact_v3=metrics.ImpactV3.HIGH)
if save:
cve.save()
return cve