def get_cve_by_cpe(cls, cpe_id): """ Return list of CVE-ID by CPEID @param cve_id: string with CPEID instance @return: list of tuples (CVE-ID instance), Official name) """ if not isinstance(cpe_id, CPEID): cpe_id = CPEID(cpe_id) query = """ SELECT cve_id, summary FROM vulnerabilities AS vulns JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id JOIN products AS pr ON pr.id = concr_pr.product_id WHERE pr.part='%s' AND pr.vendor='%s' AND pr.product='%s' AND concr_pr.version='%s' AND concr_pr.pr_update='%s' AND concr_pr.edition='%s' AND language='%s' """ % (cpe_id.get_part_info(), cpe_id.get_vendor_info(), cpe_id.get_product_info(), cpe_id.get_version_info(), cpe_id.get_update_info(), cpe_id.get_edition_info(), cpe_id.get_language_info()) res = cls._cur.execute(query).fetchall() ret = [] for row in res: cve_id = CVEID(row[0]) #ret.append(str(cve_id)) ret.append((str(cve_id), str(row[1]))) return ret
def get_cve_by_cpe(cls, cpe_id): """ Return list of CVE-ID by CPEID @param cve_id: string with CPEID instance @return: list of tuples (CVE-ID instance), Official name) """ if not isinstance(cpe_id, CPEID): cpe_id = CPEID(cpe_id) query = """ SELECT cve_id, summary FROM vulnerabilities AS vulns JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id JOIN products AS pr ON pr.id = concr_pr.product_id WHERE pr.part='%s' AND pr.vendor='%s' AND pr.product='%s' AND concr_pr.version='%s' AND concr_pr.pr_update='%s' AND concr_pr.edition='%s' AND language='%s' """ % ( cpe_id.get_part_info(), cpe_id.get_vendor_info(), cpe_id.get_product_info(), cpe_id.get_version_info(), cpe_id.get_update_info(), cpe_id.get_edition_info(), cpe_id.get_language_info(), ) res = cls._cur.execute(query).fetchall() ret = [] for row in res: cve_id = CVEID(row[0]) # ret.append(str(cve_id)) ret.append((str(cve_id), str(row[1]))) return ret
def test_cve_creation_only_additional_params_should_be_ok(self): # if cve_stris is not present all other parameters will not be ignores cpe = CPEID( part="a", vendor="microsoft", product="ie", version="8.0.7600.16385", update="1", edition="2", language="en" ) self.assertEqual(cpe.get_part_info(), "a") self.assertEqual(cpe.get_vendor_info(), "microsoft") self.assertEqual(cpe.get_product_info(), "ie") self.assertEqual(cpe.get_version_info(), "8.0.7600.16385") self.assertEqual(cpe.get_update_info(), "1") self.assertEqual(cpe.get_edition_info(), "2") self.assertEqual(cpe.get_language_info(), "en") self.assertEqual(str(cpe).upper(), "CPE:/a:microsoft:ie:8.0.7600.16385:1:2:en".upper())
def test_cve_creation_only_additional_params_should_be_ok(self): #if cve_stris is not present all other parameters will not be ignores cpe = CPEID(part='a', vendor='microsoft', product='ie', version='8.0.7600.16385', update='1', edition='2', language='en') self.assertEqual(cpe.get_part_info(), 'a') self.assertEqual(cpe.get_vendor_info(), 'microsoft') self.assertEqual(cpe.get_product_info(), 'ie') self.assertEqual(cpe.get_version_info(), '8.0.7600.16385') self.assertEqual(cpe.get_update_info(), '1') self.assertEqual(cpe.get_edition_info(), '2') self.assertEqual(cpe.get_language_info(), 'en') self.assertEqual( str(cpe).upper(), "CPE:/a:microsoft:ie:8.0.7600.16385:1:2:en".upper())