NVD API 2.0 support (#27)
t-gian committed Mar 29, 2024
1 parent 7d00110 commit 03bb01e
Showing 1 changed file with 12 additions and 9 deletions.
21 changes: 12 additions & 9 deletions honeyscanner/passive_attacks/vuln_analyzer/vuln_analyzer.py
@@ -141,19 +141,22 @@ def get_cvss_score(self, cve):
if not cve:
return None

url = f"https://services.nvd.nist.gov/rest/json/cve/1.0/{cve}"
response = requests.get(url)
url = f"https://services.nvd.nist.gov/rest/json/cves/2.0"
response = requests.get(url,params={'cveId':cve})
time.sleep(2) # Wait for 2 seconds to avoid rate limit

if response.status_code == 200:
data = response.json()
if 'result' in data:
cve_item = data['result']['CVE_Items'][0]
impact = cve_item.get('impact', {})
base_metrics = impact.get('baseMetricV3', {}) or impact.get('baseMetricV2', {})
cvss_score = base_metrics.get('cvssV3', {}).get('baseScore') or base_metrics.get('cvssV2', {}).get('baseScore')
return cvss_score

vulns = data.get("vulnerabilities", [])
if vulns:
cve = vulns[0].get("cve",{})
metrics = cve.get("metrics",{})
if metrics:
cvss_metric = metrics.get("cvssMetricV31", []) or metrics.get("cvssMetricV3", []) or metrics.get('cvssMetricV2',[])
if cvss_metric:
cvss_data = cvss_metric[0].get("cvssData",{})
cvss_score = cvss_data.get("baseScore", float)
return cvss_score
return None

@staticmethod
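Review bot: The default in `cvss_data.get("baseScore", float)` is the `float` type itself, so a metric entry without a base score makes `get_cvss_score` return a class object rather than `None` or a number; `cvss_score = cvss_data.get("baseScore")` keeps the fall-through to `None`. In the fallback chain, `cvssMetricV3` does not appear to be a key in NVD 2.0 responses (v3.0 scores are published under `cvssMetricV30`, as far as I know), so a CVE scored only under CVSS 3.0 would drop to its v2 score or to `None` and be under-ranked; `metrics.get("cvssMetricV31") or metrics.get("cvssMetricV30") or metrics.get("cvssMetricV2")` would cover it. The new `requests.get(url, params={'cveId': cve})` has no `timeout=`, so a stalled connection blocks the analyzer, and a non-200 reply such as a rate-limit rejection comes back as `None` exactly like an unscored CVE, which is worth logging with the status code. The assignment `cve = vulns[0].get("cve",{})` also shadows the `cve` parameter; the function's signature and opening lines sit outside this hunk.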