|
71 | 71 | response = hub.execute_get(vulnerable_components_url, custom_headers=custom_headers)
|
72 | 72 | vulnerable_bom_components = response.json().get('items', [])
|
73 | 73 |
|
| 74 | +bdsa_records = set() |
| 75 | +cve_records = set() |
| 76 | + |
74 | 77 | for i, vuln in enumerate(vulnerable_bom_components):
|
75 | 78 | source = vuln['vulnerabilityWithRemediation']['source']
|
76 | 79 | vuln_name = vuln['vulnerabilityWithRemediation']['vulnerabilityName']
|
|
87 | 90 | vuln_details_response = hub.execute_get(vuln_url, custom_headers={'Accept': 'application/json'})
|
88 | 91 | vuln_details = vuln_details_response.json()
|
89 | 92 |
|
90 |
| - import pdb; pdb.set_trace() |
91 |
| - |
92 | 93 | vuln['additional_vuln_info'] = vuln_details
|
| 94 | + |
93 | 95 | if source == 'BDSA':
|
| 96 | + bdsa_records.add(vuln_name) |
| 97 | + |
94 | 98 | # get related vulnerability info, i.e. CVE
|
95 | 99 | # note: not all BDSA records will have a corresponding CVE record
|
96 | 100 | cve_url = hub.get_link(vuln_details, "related-vulnerability")
|
97 | 101 | if cve_url:
|
98 | 102 | cve_details_response = hub.execute_get(cve_url, custom_headers={'Accept': 'application/json'})
|
99 | 103 | cve_details = cve_details_response.json()
|
100 | 104 | vuln['related_vulnerability'] = cve_details
|
101 |
| - |
| 105 | + cve_records.add(cve_details['name']) |
| 106 | + elif source == "NVD": |
| 107 | + cve_records.add(vuln_name) |
| 108 | + else: |
| 109 | + logging.warning(f"source {source} was not recognized") |
102 | 110 |
|
103 | 111 | if vulnerable_bom_components:
|
104 | 112 | vulnerable_bom_components = sorted(
|
|
137 | 145 |
|
138 | 146 | everything = {
|
139 | 147 | 'counts': counts,
|
140 |
| - 'vulnerabilities': vulnerable_bom_components |
| 148 | + 'vulnerabilities': vulnerable_bom_components, |
| 149 | + 'bdsa_records': list(bdsa_records), |
| 150 | + 'cve_records': list(cve_records), |
141 | 151 | }
|
142 | 152 |
|
143 | 153 | print(json.dumps(everything))
|
|
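Review bot: The new `cve_records.add(cve_details['name'])` in the BDSA branch (new line 105) indexes the related-vulnerability response without checking that the request succeeded or that the key is present, so a single error body or incomplete record raises KeyError and the whole report is lost. The visible lines show no status check on `cve_details_response`, so I would read the name defensively, e.g. `cve_name = cve_details.get('name')` followed by `if cve_name: cve_records.add(cve_name)`, and log a warning naming the BDSA record otherwise, so that a missing CVE mapping is visible rather than fatal. Separately, `list(bdsa_records)` and `list(cve_records)` in the `everything` dict emit set iteration order, which is not stable between runs; `sorted(bdsa_records)` and `sorted(cve_records)` keep the JSON comparable across scans. The loop body between new lines 79 and 90 and the file's imports are outside the visible hunks, so it should be confirmed that `logging` is imported for the new `logging.warning` call.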