blob: 38f3069694cdd45bac2eaa337d486270929294b2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
#!/usr/bin/env python3
import os, sys
import json
jsonfile = sys.argv[1]
#ignored_recipes = ("linux-yocto", "db", "db-native")
ignored_recipes = []
with open(jsonfile) as f:
cvedata = json.load(f)
cves = dict()
for recipe in cvedata['package']:
if recipe['name'] in ignored_recipes:
continue
if 'issue' not in recipe:
continue
for i in recipe['issue']:
if i['status'] == "Unpatched":
if i["id"] in cves:
cves[i["id"]] += ":" + recipe['name']
else:
cves[i["id"]] = recipe['name']
recipe_counts = {}
for cve, name in cves.items():
if name not in recipe_counts:
recipe_counts[name] = {'count': 1, 'cves': [f"https://web.nvd.nist.gov/view/vuln/detail?vulnId={cve}"]}
else:
recipe_counts[name]['count'] += 1
recipe_counts[name]['cves'].append(f"https://web.nvd.nist.gov/view/vuln/detail?vulnId={cve}")
formatted_data = {}
for name, info in sorted(recipe_counts.items(), key=lambda x:x[1]['count'], reverse= True):
formatted_data[f"{name}: {info['count']}"] = info['cves']
print("CVE counts by recipes:")
for name, cves in formatted_data.items():
print("")
print(name)
for cve in cves:
print(f" {cve}")
|