Class: NVDHelper

Inherits:

Object

• Object
• NVDHelper

Defined in:

lib/nvd_helper.rb

Overview

© 2024 Gerald Hilts License: MIT (github.com/gwhilts/cve_lookup/blob/main/LICENSE)

Constant Summary

NIST_API_SERVER =

"https://services.nvd.nist.gov"

NIST_CVE_URL_BASE =

"https://nvd.nist.gov/vuln/detail/"

Class Method Summary

• .cpe_list_for(name, version) ⇒ Object
• .cpe_uri(name, version) ⇒ Object
• .cve_list_for(cpe_name) ⇒ Object
• .cve_uri(cpe_name) ⇒ Object
• .detail_urls_for(cve_list) ⇒ Object

Class Method Details

.cpe_list_for(name, version) ⇒ Object

# File 'lib/nvd_helper.rb', line 11

def self.cpe_list_for(name, version)
  begin
    HTTParty.get(cpe_uri(name, version))['products'].map do |p|
      { title: p['cpe']['titles'][0]['title'], cpe_name: p['cpe']['cpeName'] }
    end
  rescue
    []
  end
end

.cpe_uri(name, version) ⇒ Object

# File 'lib/nvd_helper.rb', line 21

def self.cpe_uri(name, version)
  "#{NIST_API_SERVER}/rest/json/cpes/2.0?cpeMatchString=cpe:2.3:*:*:#{CGI.escape(name)}:#{CGI.escape(version)}"
end

.cve_list_for(cpe_name) ⇒ Object

# File 'lib/nvd_helper.rb', line 25

def self.cve_list_for(cpe_name)
  # begin
    HTTParty.get(cve_uri(cpe_name))["vulnerabilities"].map { |v| v["cve"]["id"] }
  # rescue
  #   []
  # end
end

.cve_uri(cpe_name) ⇒ Object

# File 'lib/nvd_helper.rb', line 33

def self.cve_uri(cpe_name)
  "#{NIST_API_SERVER}/rest/json/cves/2.0?cpeName=#{cpe_name}"
end

.detail_urls_for(cve_list) ⇒ Object

# File 'lib/nvd_helper.rb', line 37

def self.detail_urls_for(cve_list)
  cve_list.map { |cve| NIST_CVE_URL_BASE + cve }
end