rlucente-se-jboss/cve-rhsa-tools

Use these tools to gather the number of vulnerabilities and Red Hat Security Advisories (RHSAs) for products. To get the latest security measurement files as well as the daysofrisk Perl script, use the command:

./refresh-security-measurement-files.sh

These two example commands will pull all of the vulnerabilities before and after the EAP 6.2 CP04 release:

perl daysofrisk.pl --cpe jboss_enterprise_application_platform:6 --dates -20140626 --xmlsummary summary-before-6.2.CP04.xml > count-before-6.2.CP04.txt
perl daysofrisk.pl --cpe jboss_enterprise_application_platform:6 --dates 20140627- --xmlsummary summary-after-6.2.CP04.xml > count-after-6.2.CP04.txt

Usage documentation for the daysofrisk script is:

usage: daysofrisk.pl [OPTIONS]
  --cpe <product/package to generate stats for>
            [examples: --cpe all
                       --cpe enterprise_linux
                       --cpe enterprise_linux:3
                       --cpe enterprise_linux:5::client/firefox
                       --cpe /httpd ]
  --severity <all|C|I|M|L|CI|CIM|IL...>
            [filter severity, 'C'ritical 'I'mportant 'M'oderate 'L'ow]
  --cvss <range>
            [filter on cvss base score, example '6.8'|'0-5'|'8-10'|'high'|...]
  --dates [<YYYYMMDD>]-[<YYYYMMDD>]
            [date range, default is 'all', example '20090101-'|'20080203-20080303']
  --xmlsummary <filename>
            [output the XML summary to this file, default summary.xml]

Multiple advisories (RHSAs) may map to a single vulnerability, so the most important count is the number of vulnerabilities. The vulnerabilities are categorized, in descending order, as (C)ritical, (I)mportant, (M)oderate, and (L)ow.

In the following example output, the number of vulnerabilities is the key number, since one vulnerability may map to multiple RHSAs.

** 66 advisories (C=8 I=24 L=9 M=25 )
** 52 vulnerabilities (C=1 I=11 L=16 M=24 )

There were fifty-two total vulnerabilities including one critical, eleven important, twenty-four moderate, and sixteen low.
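
As an added example (not part of this repository), the following shell script parses the summary lines shown above from two redirected count files and tabulates vulnerabilities per severity before and after a release. The function names and the sample "after" values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of cve-rhsa-tools. Assumes the redirected text
# output contains summary lines in the "** N <kind> (C=.. I=.. )" form.

# severity_counts FILE KIND -> prints "total C I M L"; KIND is
# "vulnerabilities" or "advisories". Fails if no summary line is found.
severity_counts() {
    awk -v kind="$2" '
        $1 == "**" && $3 == kind {
            c = i = m = l = 0        # severity absent from the line => 0
            for (f = 4; f <= NF; f++) {
                s = $f
                gsub(/[()]/, "", s)
                if (split(s, kv, "=") != 2) continue
                if (kv[1] == "C") c = kv[2] + 0
                else if (kv[1] == "I") i = kv[2] + 0
                else if (kv[1] == "M") m = kv[2] + 0
                else if (kv[1] == "L") l = kv[2] + 0
            }
            print $2 + 0, c, i, m, l
            found = 1
            exit
        }
        END { if (!found) exit 1 }
    ' "$1"
}

# compare_counts BEFORE AFTER -> per-severity vulnerability table
compare_counts() {
    before=$(severity_counts "$1" vulnerabilities) ||
        { echo "no vulnerability summary in $1" >&2; return 1; }
    after=$(severity_counts "$2" vulnerabilities) ||
        { echo "no vulnerability summary in $2" >&2; return 1; }
    set -- $before $after    # $1-$5 = before, $6-$10 = after
    printf '%-10s %6s %6s\n' Severity Before After \
        Critical "$2" "$7" Important "$3" "$8" Moderate "$4" "$9" \
        Low "$5" "${10}" Total "$1" "$6"
}

# Constructed sample: "before" reuses the two lines shown above,
# "after" is made up and omits severities with no entries.
tmp=$(mktemp -d)
printf '%s\n' '** 66 advisories (C=8 I=24 L=9 M=25 )' \
    '** 52 vulnerabilities (C=1 I=11 L=16 M=24 )' > "$tmp/before.txt"
printf '%s\n' '** 9 advisories (I=4 M=5 )' \
    '** 7 vulnerabilities (I=2 L=1 M=4 )' > "$tmp/after.txt"
compare_counts "$tmp/before.txt" "$tmp/after.txt"
rm -rf "$tmp"
```

With the files produced by the two example commands, call compare_counts count-before-6.2.CP04.txt count-after-6.2.CP04.txt.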

To format the report as HTML, simply prepend the following line to the XML summary file:

<?xml-stylesheet type='text/xsl' href='html-report.xsl'?>

then open the file in a browser.

Alternatively, you can use the xsltproc command, included on OSX and installed via the libxslt package on RHEL, to transform the XML summary file into HTML:

xsltproc html-report.xsl summary.xml > summary.html

then open the resulting HTML file in a browser.
