-
Notifications
You must be signed in to change notification settings - Fork 0
/
models.py
63 lines (48 loc) · 2.15 KB
/
models.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
import requests
import time
import os
BASEURL_CPE_API = 'https://services.nvd.nist.gov/rest/json/cpes/2.0'
BASEURL_CVE_API = 'https://services.nvd.nist.gov/rest/json/cves/2.0'
class ComponentCheck():
def __init__(self, component):
self.component = component
self.component_name = component['name']
self.component_version = component['version']
def check_CPE_API(self):
"""check CPE API for component"""
resp = requests.get(
f"{BASEURL_CPE_API}?cpeMatchString={self.component['cpe']}")
time.sleep(6)
return resp.json()
def check_CVE_API(self):
"""check CVE API for component"""
resp = requests.get(
f"{BASEURL_CVE_API}?cpeName={self.component['cpe']}")
time.sleep(6)
return resp.json()
def write_results_to_file(self, results):
"""write the results to txt file"""
f = open("results.txt", "a")
f.write(f'Component Name: {self.component_name}, ' +
f'Version: {self.component_version} ' + '-->\n')
f.write(results + '\n')
f.close()
def process_results(self, resp_cpe, resp_cve):
"""process the results back from APIs"""
result = ""
if resp_cpe['totalResults'] == 0:
result = result + "No current entries found from CPE API.\n"
else:
result = result + \
f"Found CPE entry for component --> Title: {resp_cpe['products'][0]['cpe']['titles'][0]['title']}\n"
if resp_cve['totalResults'] == 0:
result = result + 'No current vulnerabilities found for component.\n'
else:
result = result + \
f"Found {resp_cve['totalResults']} total CVEs/vulnerabilities for component.\n"
count = 0
for cve in resp_cve['vulnerabilities']:
count = count + 1
result = result + \
f"{count}. ID: {cve['cve']['id']}, Status: {cve['cve']['vulnStatus']}, Published: {cve['cve']['published']}, Description: {cve['cve']['descriptions'][0]['value']}\n"
return result