Separate views

Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>

vulnerabilities/views.py

@@ -159,13 +159,13 @@ def get_queryset(self):
                 "exploits",
                 Prefetch(
                     "affecting_packages",
-                    queryset=models.Vulnerability.objects.only(
+                    queryset=models.Package.objects.only(
                         "type", "namespace", "name", "version"
                     ),
                 ),
                 Prefetch(
                     "fixed_by_packages",
-                    queryset=models.Vulnerability.objects.only(
+                    queryset=models.Package.objects.only(
                         "type", "namespace", "name", "version"
                     ),
                 ),
@@ -185,68 +185,22 @@ def get_context_data(self, **kwargs):
             weakness_object for weakness_object in vulnerability.weaknesses.all()
             if weakness_object.weakness
         ]
-
-        # Cache aggregated packages
-        (
-            sorted_fixed_by_packages,
-            sorted_affected_packages,
-            all_affected_fixed_by_matches,
-        ) = vulnerability.aggregate_fixed_and_affected_packages()
-
-        severity_vectors, severity_values = self.get_severity_vectors_and_values(vulnerability)
 
         context.update(
             {
                 "vulnerability": vulnerability,
                 "vulnerability_search_form": VulnerabilitySearchForm(self.request.GET),
                 "severities": list(vulnerability.severities.all()),
                 "severity_score_range": "",
-                "severity_vectors": severity_vectors,
                 "references": list(vulnerability.references.all()),
                 "aliases": list(vulnerability.aliases.all()),
-                "affected_packages": sorted_affected_packages,
-                "fixed_by_packages": sorted_fixed_by_packages,
                 "weaknesses": weaknesses_present_in_db,
                 "status": vulnerability.get_status_label,
                 "history": vulnerability.history,
-                "all_affected_fixed_by_matches": all_affected_fixed_by_matches,
             }
         )
         return context
 
-    def get_severity_vectors_and_values(self, vulnerability):
-        """
-        Collect severity vectors and values, excluding EPSS scoring systems efficiently.
-        """
-        severity_vectors = []
-        severity_values = set()
-
-        # Use prefetch data if available
-        valid_scoring_severities = getattr(vulnerability, "prefetched_valid_severities", [])
-
-        for severity in valid_scoring_severities:
-            try:
-                vector_values = SCORING_SYSTEMS[severity.scoring_system].get(
-                    severity.scoring_elements
-                )
-                if vector_values:
-                    severity_vectors.append(vector_values)
-            except (
-                CVSS2MalformedError,
-                CVSS3MalformedError,
-                CVSS4MalformedError,
-                NotImplementedError,
-            ) as e:
-                logging.error(f"CVSSMalformedError for {severity.scoring_elements}: {e}")
-
-        # Collect valid values using a pre-filtered queryset
-        severity_values.update(
-            vulnerability.severities.exclude(value__isnull=True).exclude(value="").values_list("value", flat=True)
-        )
-
-        return severity_vectors, severity_values
-
-
 class HomePage(View):
     template_name = "index.html"
 
@@ -314,3 +268,52 @@ def form_valid(self, form):
 
     def get_success_url(self):
         return reverse_lazy("api_user_request")
+
+
+class VulnerabilityPackagesDetails(DetailView):
+    """
+    View to display all packages affected by or fixing a specific vulnerability.
+    URL: /vulnerabilities/{vulnerability_id}/packages
+    """
+
+    model = models.Vulnerability
+    template_name = "vulnerability_package_details.html"
+    slug_url_kwarg = "vulnerability_id"
+    slug_field = "vulnerability_id"
+
+    def get_queryset(self):
+        """
+        Prefetch and optimize related data to minimize database hits.
+        """
+        return super().get_queryset().prefetch_related(
+            Prefetch(
+                    "affecting_packages",
+                    queryset=models.Package.objects.only(
+                        "type", "namespace", "name", "version"
+                    ),
+                ),
+                Prefetch(
+                    "fixed_by_packages",
+                    queryset=models.Package.objects.only(
+                        "type", "namespace", "name", "version"
+                    ),
+                ),
+        )
+
+    def get_context_data(self, **kwargs):
+        """
+        Build context with preloaded QuerySets and minimize redundant queries.
+        """
+        context = super().get_context_data(**kwargs)
+        vulnerability = self.object
+        (
+            sorted_fixed_by_packages,
+            sorted_affected_packages,
+            all_affected_fixed_by_matches,
+        ) = vulnerability.aggregate_fixed_and_affected_packages()
+        context.update({
+            "affected_packages": sorted_affected_packages,
+            "fixed_by_packages": sorted_fixed_by_packages,
+            "all_affected_fixed_by_matches": all_affected_fixed_by_matches,
+        })
+        return context

vulnerablecode/urls.py

@@ -26,7 +26,7 @@
 from vulnerabilities.views import HomePage
 from vulnerabilities.views import PackageDetails
 from vulnerabilities.views import PackageSearch
-from vulnerabilities.views import VulnerabilityDetails
+from vulnerabilities.views import VulnerabilityDetails, VulnerabilityPackagesDetails
 from vulnerabilities.views import VulnerabilitySearch
 from vulnerablecode.settings import DEBUG_TOOLBAR
 
@@ -80,6 +80,11 @@ def __init__(self, *args, **kwargs):
         VulnerabilityDetails.as_view(),
         name="vulnerability_details",
     ),
+    path(
+        "vulnerabilities/<str:vulnerability_id>/packages",
+        VulnerabilityPackagesDetails.as_view(),
+        name="vulnerability_package_details",
+    ),
     path(
         "api/",
         include(api_router.urls),