This repository has been archived by the owner on Nov 7, 2021. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Database dump complete for httpd and nginx
- Loading branch information
1 parent
ee0087b
commit 9c2b0d0
Showing
9 changed files
with
143 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| import requests, json, re | ||
| from datetime import datetime | ||
|
|
||
| targetFile = open('targets.json') | ||
| targetData = json.load(targetFile) | ||
|
|
||
| endpoint = "https://access.redhat.com/hydra/rest/securitydata/cve.json" | ||
| cveUri = "https://access.redhat.com/hydra/rest/securitydata/cve/" | ||
|
|
||
| payload = {} | ||
| headers = {} | ||
|
|
||
| for target in targetData: | ||
| url = endpoint + "?" + "package=" + target | ||
| responseData = requests.request("GET", url, headers=headers, data = payload) | ||
| response = json.loads(responseData.text) | ||
| with open('target_' + target + '.json', 'w') as outfile: | ||
| json.dump(response, outfile) | ||
| cveData = {} | ||
| size = len(response) | ||
| i = 0 | ||
| for CVE in response: | ||
| i += 1 | ||
| if CVE['severity'] == 'low': | ||
| continue | ||
| cveEndpoint = cveUri + CVE['CVE'] + ".json" | ||
| cveResponseData = requests.request("GET", cveEndpoint, headers=headers, data = payload) | ||
| cveResponse = json.loads(cveResponseData.text) | ||
| # print(cveResponse) | ||
| print("[", datetime.now(), "]", i, "/", size, CVE['CVE']) | ||
| if 'affected_release' not in cveResponse: | ||
| continue | ||
| try: | ||
| for release in cveResponse['affected_release']: | ||
| if target not in release['package']: | ||
| continue | ||
| versionMatch = re.search('[0-9]*\.[0-9]*', release['package']) | ||
| # print(versionMatch) | ||
| # print(release) | ||
| # print(release['package']) | ||
| version = versionMatch.group() | ||
| # print(version) | ||
| if version not in cveData: | ||
| cveData[version] = [] | ||
| if CVE['CVE'] not in cveData[version]: | ||
| # print(cveData[version]) | ||
| major = "" | ||
| for detail in cveResponse['details']: | ||
| major += " " + detail | ||
| cveData[version].append(CVE['CVE']) | ||
| except: | ||
| pass | ||
| with open('target_' + target + '_cve_backup.txt', 'w') as outfile: | ||
| outfile.write(str(cveData)) | ||
| with open('target_' + target + '_cve.json', 'w') as outfile: | ||
| json.dump(cveData, outfile) |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| { | ||
| "2.4": [ | ||
| "CVE-2019-10097", | ||
| "CVE-2019-0215", | ||
| "CVE-2017-7659", | ||
| "CVE-2017-7668", | ||
| "CVE-2016-5387", | ||
| "CVE-2016-4979", | ||
| "CVE-2016-1546", | ||
| "CVE-2015-3183", | ||
| "CVE-2014-0231", | ||
| "CVE-2014-0117", | ||
| "CVE-2014-0118", | ||
| "CVE-2014-0226", | ||
| "CVE-2013-4352" | ||
| ], | ||
| "7.61": [ | ||
| "CVE-2018-1000301", | ||
| "CVE-2017-8816", | ||
| "CVE-2017-8817", | ||
| "CVE-2016-8620", | ||
| "CVE-2016-5421" | ||
| ], | ||
| "0.13": [ | ||
| "CVE-2019-3878" | ||
| ], | ||
| "2.2": [ | ||
| "CVE-2017-12171", | ||
| "CVE-2016-5387", | ||
| "CVE-2015-3183", | ||
| "CVE-2014-0231", | ||
| "CVE-2014-0118", | ||
| "CVE-2014-0226", | ||
| "CVE-2013-6438", | ||
| "CVE-2013-1896", | ||
| "CVE-2012-3499", | ||
| "CVE-2012-4558", | ||
| "CVE-2012-0053", | ||
| "CVE-2011-4317", | ||
| "CVE-2011-3639", | ||
| "CVE-2011-3368", | ||
| "CVE-2011-3348", | ||
| "CVE-2011-3192", | ||
| "CVE-2010-1623", | ||
| "CVE-2010-2791", | ||
| "CVE-2010-0408", | ||
| "CVE-2009-3555", | ||
| "CVE-2009-2412", | ||
| "CVE-2009-1890", | ||
| "CVE-2009-0023", | ||
| "CVE-2009-1955", | ||
| "CVE-2009-1191", | ||
| "CVE-2008-1678" | ||
| ], | ||
| "2.0": [ | ||
| "CVE-2011-3368", | ||
| "CVE-2011-3192", | ||
| "CVE-2005-2088", | ||
| "CVE-2004-0942", | ||
| "CVE-2004-0786", | ||
| "CVE-2004-0748", | ||
| "CVE-2005-2728", | ||
| "CVE-2004-0493", | ||
| "CVE-2004-1834", | ||
| "CVE-2004-0113" | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {'2.4': ['CVE-2019-10097', 'CVE-2019-0215', 'CVE-2017-7659', 'CVE-2017-7668', 'CVE-2016-5387', 'CVE-2016-4979', 'CVE-2016-1546', 'CVE-2015-3183', 'CVE-2014-0231', 'CVE-2014-0117', 'CVE-2014-0118', 'CVE-2014-0226', 'CVE-2013-4352'], '7.61': ['CVE-2018-1000301', 'CVE-2017-8816', 'CVE-2017-8817', 'CVE-2016-8620', 'CVE-2016-5421'], '0.13': ['CVE-2019-3878'], '2.2': ['CVE-2017-12171', 'CVE-2016-5387', 'CVE-2015-3183', 'CVE-2014-0231', 'CVE-2014-0118', 'CVE-2014-0226', 'CVE-2013-6438', 'CVE-2013-1896', 'CVE-2012-3499', 'CVE-2012-4558', 'CVE-2012-0053', 'CVE-2011-4317', 'CVE-2011-3639', 'CVE-2011-3368', 'CVE-2011-3348', 'CVE-2011-3192', 'CVE-2010-1623', 'CVE-2010-2791', 'CVE-2010-0408', 'CVE-2009-3555', 'CVE-2009-2412', 'CVE-2009-1890', 'CVE-2009-0023', 'CVE-2009-1955', 'CVE-2009-1191', 'CVE-2008-1678'], '2.0': ['CVE-2011-3368', 'CVE-2011-3192', 'CVE-2005-2088', 'CVE-2004-0942', 'CVE-2004-0786', 'CVE-2004-0748', 'CVE-2005-2728', 'CVE-2004-0493', 'CVE-2004-1834', 'CVE-2004-0113']} |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {"1.8": ["CVE-2018-16845", "CVE-2016-4450", "CVE-2016-0742", "CVE-2016-0746", "CVE-2016-0747"], "1.10": ["CVE-2018-16845", "CVE-2018-16843"], "1.12": ["CVE-2018-16845", "CVE-2018-16844", "CVE-2018-16843"], "1.14": ["CVE-2018-16845", "CVE-2018-16844", "CVE-2018-16843"]} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {'1.8': ['CVE-2018-16845', 'CVE-2016-4450', 'CVE-2016-0742', 'CVE-2016-0746', 'CVE-2016-0747'], '1.10': ['CVE-2018-16845', 'CVE-2018-16843'], '1.12': ['CVE-2018-16845', 'CVE-2018-16844', 'CVE-2018-16843'], '1.14': ['CVE-2018-16845', 'CVE-2018-16844', 'CVE-2018-16843']} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| [ | ||
| "httpd", | ||
| "nginx" | ||
| ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters