logo

cve-client

CLI-based client / toolbox for CVE.org git clone https://anongit.hacktivis.me/git/cve-client.git/

CveClient.pm (4604B)

    

  1. # CVE-Client: CLI-based client / toolbox for CVE.org
  2. # Copyright © 2021-2023 CVE-Client Authors <https://hacktivis.me/git/cve-client/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  4. package App::CveClient;
  5. our $VERSION = 'v1.1.1';
  7. use warnings;
  8. use strict;
  10. use Exporter qw(import);
  12. our @EXPORT_OK = qw(print_cve print_cve50 print_cve40);
  14. sub print_cve {
  15. 	my ($object, $cve_id, $format) = @_;
  17. 	print "CVE ID: ", $cve_id, "\n";
  19. 	if ($object->{'error'} and $object->{'message'}) {
  20. 		die "Error ($object->{'error'}): $object->{'message'}\n";
  21. 	}
  23. 	if ($object->{'dataVersion'} =~ /5\./) {
  24. 		print_cve5($object, $cve_id, $format);
  25. 	} elsif ($object->{'data_version'} == "4.0") {
  26. 		print_cve4($object, $cve_id, $format);
  27. 	} else {
  28. 		print STDERR "Error: unknown CVE format:\n";
  29. 		print STDERR "- data_version: ", $object->{'data_version'}, "\n"
  30. 		  if $object->{'data_version'};
  31. 		print STDERR "- dataVersion: ", $object->{'dataVersion'}, "\n"
  32. 		  if $object->{'dataVersion'};
  33. 	}
  34. }
  36. # https://github.com/CVEProject/cve-schema/blob/master/schema/v5.0/
  37. sub print_cve5 {
  38. 	my ($object, $cve_id, $format) = @_;
  40. 	if ($object->{'cveMetadata'}->{'cveId'} ne $cve_id) {
  41. 		print STDERR "Warning: Got <", $object->{'cveMetadata'}->{'cveId'},
  42. 		  "> instead of <", $cve_id, ">\n";
  43. 	}
  45. 	my $affected = $object->{'containers'}->{'cna'}->{'affected'};
  46. 	if ($affected) {
  47. 		foreach (@{$affected}) {
  48. 			print "Vendor Name: ",  $_->{'vendor'},  "\n";    # vendor required
  49. 			print "Product Name: ", $_->{'product'}, "\n";    # product required
  51. 			foreach (@{$_->{'versions'}}) {
  52. 				print "- ", $_->{'status'}, ": ", $_->{'version'}, "\n";
  53. 			}
  54. 		}
  55. 	} else {
  56. 		print STDERR
  57. "Warning: No CVE affected versions could be found! (as required by the spec)\n";
  58. 	}
  60. 	print "\n";
  62. 	my $metrics = $object->{'containers'}->{'cna'}->{'metrics'};
  63. 	if ($metrics) {
  64. 		foreach (@{$metrics}) {
  65. 			if ($_->{'cvssV3_1'}) {
  66. 				my $metric = $_->{'cvssV3_1'};
  67. 				print "- Score: ", $metric->{'baseScore'}, " ",
  68. 				  $metric->{'baseSeverity'}, "\n";
  69. 			} else {
  70. 				print "Notice: unhandled metrics (CVSS) data\n";
  71. 			}
  72. 		}
  73. 	}
  75. 	print "\n";
  77. 	my $desc = $object->{'containers'}->{'cna'}->{'descriptions'};
  78. 	if ($desc) {
  79. 		foreach (@{$desc}) {
  80. 			print "Description Language: ", $_->{'lang'},  "\n";
  81. 			print "Description:\n",         $_->{'value'}, "\n\n";
  82. 		}
  83. 	} else {
  84. 		print STDERR
  85. "Warning: No CVE description could be found! (as required by the spec)\n";
  86. 	}
  88. 	print "\n";
  90. 	my $refs = $object->{'containers'}->{'cna'}->{'references'};
  91. 	if ($refs) {
  92. 		print "References: \n";
  94. 		foreach (@{$refs}) {
  95. 			print "=> ", $_->{'url'}, "\n";
  96. 		}
  97. 	} else {
  98. 		print STDERR
  99. "Warning: No CVE references could be found! (as required by the spec)\n";
  100. 	}
  101. }
  103. # https://github.com/CVEProject/cve-schema/blob/master/schema/v4.0/
  104. sub print_cve4 {
  105. 	my ($object, $cve_id, $format) = @_;
  107. 	if ($object->{'CVE_data_meta'}->{'ID'} ne $cve_id) {
  108. 		print STDERR "Warning: Got ", $object->{'CVE_data_meta'}->{'ID'},
  109. 		  " instead of ", $cve_id, "\n";
  110. 	}
  112. 	print "TITLE: ", $object->{'CVE_data_meta'}->{'TITLE'}, "\n"
  113. 	  if $object->{'CVE_data_meta'}->{'TITLE'};
  115. 	print "\n";
  117. 	if ($object->{'affects'}->{'vendor'}) {
  118. 		foreach (@{$object->{'affects'}->{'vendor'}->{'vendor_data'}}) {
  119. 			print "Vendor Name: ", $_->{'vendor_name'}, "\n"
  120. 			  if $_->{'vendor_name'};
  122. 			foreach (@{$_->{'product'}->{'product_data'}}) {
  123. 				print "Product name: ", $_->{'product_name'}, "\n";
  124. 				print "Product versions: ";
  126. 				foreach (@{$_->{'version'}->{'version_data'}}) {
  127. 					print $_->{'version_value'}, "; ";
  128. 				}
  130. 				print "\n";
  131. 			}
  132. 		}
  133. 	}
  135. 	print "\n";
  137. 	if ($object->{'description'}->{'description_data'}) {
  138. 		my $descs = $object->{'description'}->{'description_data'};
  140. 		foreach (@{$descs}) {
  141. 			print "Description Language: ", $_->{'lang'},  "\n";
  142. 			print "Description:\n",         $_->{'value'}, "\n\n";
  143. 		}
  144. 	} else {
  145. 		print STDERR "Warning: No CVE description could be found!\n";
  146. 	}
  148. 	if ($object->{'references'}->{'reference_data'}) {
  149. 		my $refs = $object->{'references'}->{'reference_data'};
  151. 		foreach (@{$refs}) {
  152. 			if ($format == 'gemini') {
  153. 				print "Reference Source: ", $_->{'refsource'}, "\n";
  155. 				print "=> ", $_->{'url'} if $_->{'url'};
  156. 				if ($_->{'name'}) {
  157. 					print " ", $_->{'name'}, "\n\n";
  158. 				} else {
  159. 					print "\n\n";
  160. 				}
  161. 			} else {
  162. 				print "Reference Source: ", $_->{'refsource'}, "\n";
  163. 				print "- Name: ",           $_->{'name'}, "\n" if $_->{'name'};
  164. 				print "- URL: ",            $_->{'url'},  "\n" if $_->{'url'};
  165. 				print "\n";
  166. 			}
  167. 		}
  168. 	} else {
  169. 		print STDERR "Warning: No CVE references could be found!\n";
  170. 	}
  171. }
  173. 1;