def create(item: dict): if '** REJECT **' not in CveFactory.summary(item): old = CveDocument.search().filter( 'term', id=CveFactory.get_id(item)).sort( '-last_modified_date')[0].execute() if old.hits: last_modified_date = old.hits[0].last_modified_date else: last_modified_date = None if not last_modified_date or last_modified_date < CveFactory.last_modified_date( item): cve = CveDocument(id=CveFactory.get_id(item)) for field in CveDocument.get_fields_name(): parser = getattr(CveFactory, field, None) if parser: try: setattr(cve, field, parser(item)) except Exception as err: logging.debug( F'cve id {cve.id}, field {field}, err {err}') for cpe in CveFactory.get_cpe(item): cve.cpe.append(cpe) if old.hits and cve.has_changed(old.hits[0]): return old.hits[0].update(cve, weak=True) else: return cve.save(weak=True) return None logging.info(F'cve id {CveFactory.get_id(item)} is rejected') return None
def create_cve(cve_id='CVE-2017-0002', save=True) -> CveDocument: cve = CveDocument(id=cve_id, base_score_v2=6.8, access_vector_v2=metrics.AccessVectorV2.NETWORK, access_complexity_v2=metrics.AccessComplexityV2.MEDIUM, authentication_v2=metrics.AuthenticationV2.NONE, confidentiality_impact_v2=metrics.ImpactV2.PARTIAL, integrity_impact_v2=metrics.ImpactV2.PARTIAL, availability_impact_v2=metrics.ImpactV2.PARTIAL, base_score_v3=8.8, attack_vector_v3=metrics.AttackVectorV3.NETWORK, attack_complexity_v3=metrics.AttackComplexityV3.LOW, privileges_required_v3=metrics.PrivilegesRequiredV3.NONE, user_interaction_v3=metrics.UserInteractionV3.REQUIRED, scope_v3=metrics.ScopeV3.UNCHANGED, confidentiality_impact_v3=metrics.ImpactV3.HIGH, integrity_impact_v3=metrics.ImpactV3.HIGH, availability_impact_v3=metrics.ImpactV3.HIGH) if save: cve.save() return cve