logo

cve-client

CLI-based client / toolbox for CVE.org

cve-client (2397B)

    

  1. #!/usr/bin/env perl
  2. # CVE-Client: CLI-based client / toolbox for CVE.org
  3. # Copyright © 2021-2023 CVE-Client Authors <https://hacktivis.me/git/cve-client/>
  4. # SPDX-License-Identifier: AGPL-3.0-only
  5. our $VERSION = 'v1.0.5';
  6. use strict;
  7. use utf8;
  8. no warnings;    # Wide Character…
  10. use App::CveClient qw(print_cve);
  12. use Getopt::Std;
  13. $Getopt::Std::STANDARD_HELP_VERSION = 1;
  14. use LWP::UserAgent;
  15. use JSON::MaybeXS;
  17. =head1 NAME
  19. cve-client - CLI-based client / toolbox for CVE.org
  21. =head1 SYNOPSIS
  23. B<cve-client> [-r|-j|-g] <CVE-IDs ...>
  25. =head1 DESCRIPTION
  27. B<cve-client> fetches CVE-IDs from CVE.org API and write the result to standard output.
  29. By default it is pretty-printed into a plain-text format.
  31. =over 3
  33. =item -j
  35. Pipe into jq(1)
  37. =item -r
  39. Raw output, print server's output without any decoding
  41. =item -g
  43. Pretty-print but compatible with Gemini.
  45. =back
  47. =head1 LICENSE
  49. AGPL-3.0-only
  51. =cut
  53. my $json = JSON::MaybeXS->new(utf8 => 1);
  55. my %options = ();
  57. sub HELP_MESSAGE {
  58. 	print "usage: cve-client [-r|-j|-g] <CVE-IDs ...>\n";
  59. 	print " -r  Raw output\n";
  60. 	print " -j  Pipe into jq(1)\n";
  61. 	print " -g  Gemtext format\n";
  62. 	print "Otherwise it tries to do a plain-text representation.\n";
  63. 	exit 1;
  64. }
  66. sub fetch_cve {
  67. 	my ($cve_id) = @_;
  68. 	my $url = 'https://www.cve.org/api/?action=getCveById&cveId=' . $cve_id;
  70. 	#print "Fetching: ", $url, "\n";
  71. 	my $ua = LWP::UserAgent->new;
  72. 	$ua->agent("CVE-Client fetch <https://hacktivis.me/git/cve-client/>");
  73. 	my $req = HTTP::Request->new(GET => $url);
  75. 	#$req->header('Accept' => 'application/json');
  77. 	my $res = $ua->request($req);
  79. 	my $format = $options{g} ? 'gemini' : 'plain';
  81. 	if ($res->is_success) {
  82. 		my $content_type  = $res->header("Content-Type");
  83. 		my $content_match = 'application/json';
  85. 		if ($content_type == $content_match) {
  86. 			if (defined $options{r}) {
  87. 				print $res->content;
  88. 			} elsif (defined $options{j}) {
  89. 				open(my $pipe_out, '|-', 'jq .')
  90. 				  or die "Couldn't open a pipe into jq: $!";
  91. 				print $pipe_out $res->content;
  92. 			} else {
  93. 				my $object = $json->decode($res->content);
  94. 				print_cve($object, $cve_id, $format);
  95. 			}
  96. 		} else {
  97. 			print "Got $content_type instead of $content_match";
  98. 		}
  99. 	} else {
  100. 		print "Got ", $res->status_line, " instead of 2xx\n";
  101. 	}
  102. }
  104. getopts("rjg", \%options);
  106. if ($#ARGV < 0) {
  107. 	HELP_MESSAGE;
  108. 	exit 1;
  109. }
  111. for (@ARGV) {
  112. 	fetch_cve($_) if $_ =~ /^CVE-[0-9]{4}-[0-9]{4,19}$/;
  113. }