API Documentation

The “Crawler” Module

Get the CVE from Mitre based on requested packages/keyword/CVE-ID

mitrecve.crawler.get_cve_detail(cve_simple)

Main function to get cve details

Get all the CVE details for a package/keyword. These are valid string:

• Make multiple package request at the same time : get_cve_detail("package1,package2")
• Use several keyword to narrow a research : get_cve_detail("keyword1+keyword2)"
• And a combination of the above options : get_cve_detail("keyword1+keyword2,package1,package2"). Here there will be 3 differents requests.

Parameters:__package (str) – __package, keyword you want to search for. Returns:ID,URL,DESC,NVD_URL,CNA,CVE_REF_URL. Return type:dict. A dict with an entry for each CVE with these keyword

Examples:

• Example for a simple __package request:

  >> crawler.get_cve_detail("jython")
  {
      0: {
          'ID' : 'CVE-2016-4000',
          'DESC' : 'Jython before 2.7.1rc1 allows attackers to execute arbitrary code via a '
          'crafted serialized PyFunction object.', # cve description
          'NVD_URL' : 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4000',
          'CNA' :
          'CVE_REF_URL' : [
           'http://advisories.mageia.org/MGASA-2015-0096.html',
           'http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html',
           'http://www.mandriva.com/security/advisories?name=MDVSA-2015:158',
           'https://bugzilla.redhat.com/show_bug.cgi?id=947949',
           'http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html'
          ]
      },
      1: {
          'ID' : 'CVE-2013-2027',
          'DESC' : 'Jython 2.2.1 uses the current umask to set the privileges of the class '
          'cache files, which allows local users to bypass intended access '
          'restrictions via unspecified vectors.',
          'NVD_URL' : 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2027',
          'CVE_REF_URL' : [
           'http://advisories.mageia.org/MGASA-2015-0096.html',
           'http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html',
           'http://www.mandriva.com/security/advisories?name=MDVSA-2015:158',
           'https://bugzilla.redhat.com/show_bug.cgi?id=947949',
           'http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html'
          ]
      }
  }
  

mitrecve.crawler.get_main_page(__package)

Main function to get cve

Get all the CVE for a __package/keyword. These are valid string:

• Make multiple __package request at the same time : get_main_page("package1,package2")
• Use several keyword to narrow a research : get_main_page("keyword1+keyword2")
• And a combination of the above options : get_main_page("keyword1+keyword2,package1,package2"). Here there will be 3 differents requests.

Parameters:__package (str) – __package, keyword you want to search for. Returns:ID,URL,DESC. Return type:dict. A dict with an entry for each CVE with these keyword

Examples:

• Example for a simple __package request:

  >> crawler.get_main_page("jython")
  
  {
      0: {
          'DESC': 'Jython before 2.7.1rc1 allows attackers to execute arbitrarycode via a crafted serialized PyFunction object.',
          'ID': 'CVE-2016-4000',
          'URL': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000'
      },
      1: {
          'DESC': 'Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.',
          'ID': 'CVE-2013-2027',
          'URL': 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2027'
      }
  }