def cve(cve_id): cvesp = CveHandler( rankinglookup=True, namelookup=True, via4lookup=True, capeclookup=True, subscorelookup=True, ) cve = cvesp.getcve(cveid=cve_id.upper()) if cve is None: return render_template("error.html", status={ "except": "cve-not-found", "info": { "cve": cve_id } }) if app.config["WebInterface"]: cve = markCPEs(cve) plugManager.onCVEOpen(cve_id, **pluginArgs) pluginData = plugManager.cvePluginInfo(cve_id, **pluginArgs) return render_template("cve.html", cve=cve, plugins=pluginData) else: return render_template("cve.html", cve=cve)
def watchlist_cve(cveid): entity = request.args.get('entity') product = request.args.get('product') cvesp = CveHandler( rankinglookup=True, namelookup=True, via4lookup=True, capeclookup=True, subscorelookup=True, ) cve = cvesp.getcve(cveid=cveid.upper()) if cve is None: return render_template("error.html", status={ "except": "cve-not-found", "info": { "cve": cveid } }) wcve = getWatchlistCVE(cveid, entity, product) if wcve and 'comment' in wcve: comment = wcve['comment'] else: comment = None return render_template("watchlistCve.html", cve=cve, entity=entity, product=product, comment=comment)
def api_cve(self, cveid): cvesp = CveHandler( rankinglookup=True, namelookup=True, via4lookup=True, capeclookup=True ) cve = cvesp.getcve(cveid=cveid.upper()) if not cve: raise (APIError("cve not found", 404)) return cve
def qcvesForCPE(cpe, limit=0): cpe = toStringFormattedCPE(cpe) data = [] if cpe: cvesp = CveHandler( rankinglookup=False, namelookup=False, via4lookup=True, capeclookup=False ) r = cvesForCPE(cpe, limit=limit) for x in r["results"]: data.append(cvesp.getcve(x["id"])) return data
def cve(self, cveid): cveid = cveid.upper() cvesp = CveHandler( rankinglookup=True, namelookup=True, via4lookup=True, capeclookup=True, subscorelookup=True, ) cve = cvesp.getcve(cveid=cveid) if cve is None: return render_template("error.html", status={ "except": "cve-not-found", "info": { "cve": cveid } }) cve = self.markCPEs(cve) self.plugManager.onCVEOpen(cveid, **self.pluginArgs) pluginData = self.plugManager.cvePluginInfo(cveid, **self.pluginArgs) return render_template("cve.html", cve=cve, plugins=pluginData)
def cve(cve_id): cvesp = CveHandler( rankinglookup=True, namelookup=True, via4lookup=True, capeclookup=True, subscorelookup=True, ) cve = cvesp.getcve(cveid=cve_id.upper()) if cve is None: return ( render_template( "error.html", status={"except": "cve-not-found", "info": {"cve": cve_id}}, ), 404, ) if app.config["WebInterface"]: cve = markCPEs(cve) return render_template("cve.html", cve=cve) else: return render_template("cve.html", cve=cve)
runPath = os.path.dirname(os.path.realpath(__file__)) sys.path.append(os.path.join(runPath, "..")) from lib.CVEs import CveHandler from lib.DatabaseLayer import getCVEIDs argParser = argparse.ArgumentParser(description='Dump database in JSON format') argParser.add_argument('-r', default=False, action='store_true', help='Include ranking value') argParser.add_argument('-v', default=False, action='store_true', help='Include via4 map') argParser.add_argument('-c', default=False, action='store_true', help='Include CAPEC information') argParser.add_argument('-l', default=False, type=int, help='Limit output to n elements (default: unlimited)') args = argParser.parse_args() rankinglookup = args.r via4lookup = args.v capeclookup = args.c cves = CveHandler(rankinglookup=rankinglookup, via4lookup=via4lookup, capeclookup=capeclookup) for cveid in getCVEIDs(limit=args.l): item = cves.getcve(cveid=cveid) if 'cvss' in item: if type(item['cvss']) == str: item['cvss'] = float(item['cvss']) date_fields = ['cvss-time', 'Modified', 'Published'] for field in date_fields: if field in item: item[field] = str(item[field]) print(json.dumps(item, sort_keys=True, default=json_util.default))
with ix.searcher() as searcher: if not args.o: query = QueryParser("content", ix.schema).parse(" ".join(args.q)) else: query = QueryParser("content", schema=ix.schema, group=qparser.OrGroup).parse(" ".join(args.q)) results = searcher.search(query, limit=None) for x in results: if not args.f: print(x["path"]) else: print( json.dumps( cves.getcve(x["path"]), sort_keys=True, default=json_util.default, )) if args.t and not args.f: print(" -- " + x["title"]) elif args.m: xr = ix.searcher().reader() for x in xr.most_frequent_terms("content", number=args.m): sys.stdout.write(str(int(x[0]))) sys.stdout.write(",") sys.stdout.write(x[1].decode("utf-8")) sys.stdout.write("\n") elif args.l and not args.g: xr = ix.searcher().reader() for x in xr.lexicon("content"):