diff --git a/cve_bin_tool/parsers/env.py b/cve_bin_tool/parsers/env.py
index d8c5675825..7695991db5 100644
--- a/cve_bin_tool/parsers/env.py
+++ b/cve_bin_tool/parsers/env.py
@@ -112,6 +112,7 @@ def run_checker(self, filename):
 "cve_id": cve.ad_hoc_cve_id,
 "vendor": cve.vendor,
 "product": cve.product,
+ # TODO Version MUST be unique to this bug!
 "version": cve.version,
 "versionStartIncluding": "",
 # "versionStartIncluding": cve.version,
@@ -122,10 +123,35 @@ def run_checker(self, filename):
 }
 for _namespace, cve in env_config.namespaces.items()
 ]
+ severity_data = [
+ {
+ "ID": cve.ad_hoc_cve_id,
+ # TODO severity
+ "severity": "LOW",
+ # TODO description
+ "description": "TODO",
+ # TODO score
+ "score": 0,
+ # TODO CVSS_version
+ "CVSS_version": "unknown",
+ # TODO CVSS_vector
+ "CVSS_vector": "",
+ # TODO Ideally this comes from bisecting and pinpointing the
+ # bug's introduction to the codebase
+ "last_modified": "",
+ }
+ for _namespace, cve in env_config.namespaces.items()
+ ]
+
+ with self.cve_db.with_cursor() as cursor:
+ for _namespace, cve in env_config.namespaces.items():
+ cursor.execute(f"DELETE from cve_range where product='{cve.product}'")
 with self.cve_db.with_cursor() as cursor:
 self.cve_db.populate_affected(affected_data, cursor, data_source)
+ self.cve_db.populate_severity(severity_data, cursor, data_source)
+ self.cve_db.populate_cve_metrics(severity_data, cursor)
- for _namespace, cve in env_config.namespaces.items():
- yield from self.find_vendor(cve.product, cve.version)
+ for _namespace, cve in env_config.namespaces.items():
+ yield from self.find_vendor(cve.product, cve.vendor)
 # TODO VEX attached via linked data to ad-hoc CVE-ID
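Review bot: The added `cursor.execute(f"DELETE from cve_range where product='{cve.product}'")` in the second hunk builds SQL by interpolating a product name that comes from the env file being scanned, so a quote character in that value alters the statement; bind the value instead, e.g. `cursor.execute("DELETE FROM cve_range WHERE product = ?", (cve.product,))` (assuming the cursor accepts sqlite3-style `?` placeholders). The delete is also keyed on product alone, so it appears to remove every stored range for that product rather than only the ad-hoc rows this parser inserts, which would let a single scanned file suppress findings for a real product; narrowing it to the ad-hoc CVE id or the data source, if cve_range stores them, would avoid that. Separately, the re-added `yield from self.find_vendor(cve.product, cve.vendor)` passes the vendor where the removed line passed `cve.version`; if the second parameter of find_vendor is still the version, this should be reverted or explained in a comment. run_checker begins outside the hunk, so the origin of env_config and data_source is not visible here.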