chg: [format] new vulnerability-lookup: container for enrichment meta…

…da such as sightings, comments, bundles, and meta used in the API (/vulnerability endpoint). The impacted vulnerability_templates.html template has been udated appropriately.
cve-search · Dec 18, 2024 · 6b77b52 · 6b77b52
1 parent 4879ceb
commit 6b77b52
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 14 deletions.
diff --git a/vulnerabilitylookup/vulnerabilitylookup.py b/vulnerabilitylookup/vulnerabilitylookup.py
@@ -89,7 +89,7 @@ def get_vulnerability(self, vulnerability_id: str,
         vuln = json.loads(_vuln)
         if with_meta:
             if meta := self.get_vulnerability_meta(_vid):
-                vuln['meta'] = meta
+                vuln['vulnerability-lookup:meta'] = meta
         return vuln
 
     def get_sources(self) -> set[str]:

diff --git a/website/web/api/v1/vulnerability.py b/website/web/api/v1/vulnerability.py
@@ -110,11 +110,11 @@ def get(self, vulnerability_id: str) -> dict[str, Any] | None:
         )
 
         if with_linked:
-            to_return["linked"] = vulnerabilitylookup.get_linked_vulnerabilities(vulnerability_id)  # type: ignore[index]
+            to_return["vulnerability-lookup:linked"] = vulnerabilitylookup.get_linked_vulnerabilities(vulnerability_id)  # type: ignore[index]
         if with_comments:
-            to_return["comments"] = [elem.to_dict() for elem in Comment.query.filter(Comment.vulnerability.ilike(vulnerability_id)).all()]  # type: ignore[index]
+            to_return["vulnerability-lookup:comments"] = [elem.to_dict() for elem in Comment.query.filter(Comment.vulnerability.ilike(vulnerability_id)).all()]  # type: ignore[index]
         if with_bundles:
-            to_return["bundles"] = [  # type: ignore[index]
+            to_return["vulnerability-lookup:bundles"] = [  # type: ignore[index]
                 elem.to_dict()
                 for elem in Bundle.query.filter(
                     func.lower(cast(Bundle.related_vulnerabilities, String)).contains(
@@ -123,7 +123,7 @@ def get(self, vulnerability_id: str) -> dict[str, Any] | None:
                 ).all()
             ]
         if with_sightings:
-            to_return["sightings"] = [elem.to_dict() for elem in Sighting.query.filter(Sighting.vulnerability.ilike(vulnerability_id)).all()]  # type: ignore[index]
+            to_return["vulnerability-lookup:sightings"] = [elem.to_dict() for elem in Sighting.query.filter(Sighting.vulnerability.ilike(vulnerability_id)).all()]  # type: ignore[index]
 
         return to_return
 

diff --git a/website/web/templates/vulnerability_templates.html b/website/web/templates/vulnerability_templates.html
@@ -99,8 +99,8 @@ <h6 class="card-subtitle mb-2 text-body-secondary">
       Vulnerability from <a href="https://nvd.nist.gov/vuln" rel="noreferrer" target="_blank">{{source}}</a>
     </h6>
     <p class="card-text">{{vulnerability_data['cve']['descriptions'][0]['value']}}</p>
-    {%if 'cisa_known_exploited' in vulnerability_data['meta']%}
-    {{ cisa_known_exploited_view(vulnerability_data['meta']['cisa_known_exploited']) }}
+    {%if 'cisa_known_exploited' in vulnerability_data['vulnerability-lookup:meta']%}
+    {{ cisa_known_exploited_view(vulnerability_data['vulnerability-lookup:meta']['cisa_known_exploited']) }}
     {%endif%}
     <a href="https://nvd.nist.gov/vuln/detail/{{vulnerability_id}}" class="card-link" rel="noreferrer" target="_blank">Show details on source website</a>
     {{ collapse_raw(source, vulnerability_id, vulnerability_data) }}
@@ -181,7 +181,7 @@ <h6 class="card-subtitle mb-2 text-body-secondary">
         <div class="row">
           <div class="col-md-2 fw-bold" data-bs-toggle="tooltip" data-bs-placement="right" title="The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity.">Severity <span style="color: green;">?</span></div>
           <div class="col">
-          {% set data = vulnerability_data['meta']['nvd'] | str_to_obj %}
+          {% set data = vulnerability_data['vulnerability-lookup:meta']['nvd'] | str_to_obj %}
           {% if 'metrics' in data['cve'] %}
             {% if 'cvssMetricV31' in data['cve']['metrics'] %}
               {% set version = 'cvssV3_1' %}
@@ -225,11 +225,11 @@ <h6 class="card-subtitle mb-2 text-body-secondary">
           <div class="col-md-2 fw-bold">Summary</div><div class="col">{{vulnerability_data['containers']['cna']['title']}}</div>
         </div>
       {% endif %}
-      {% if 'meta' in vulnerability_data and 'nvd' in vulnerability_data['meta']  %}
+      {% if 'vulnerability-lookup:meta' in vulnerability_data and 'nvd' in vulnerability_data['vulnerability-lookup:meta']  %}
         <div class="row">
           <div class="col-md-2 fw-bold">References</div>
           <div class="col">
-            {% set data = vulnerability_data['meta']['nvd'] | str_to_obj %}
+            {% set data = vulnerability_data['vulnerability-lookup:meta']['nvd'] | str_to_obj %}
             <table class="table table-borderless table-hover">
               <thead>
                 <tr data-bs-toggle="collapse" data-bs-target="#collapseReferenceTable{{ vulnerability_id }}" aria-expanded="false" aria-controls="collapseReferenceTable{{ vulnerability_id }}">
@@ -355,8 +355,8 @@ <h6 class="card-subtitle mb-2 text-body-secondary">
 
         </div>
       </div>
-      {% if 'cisa_known_exploited' in vulnerability_data['meta'] %}
-        {{ cisa_known_exploited_view(vulnerability_data['meta']['cisa_known_exploited']) }}
+      {% if 'cisa_known_exploited' in vulnerability_data['vulnerability-lookup:meta'] %}
+        {{ cisa_known_exploited_view(vulnerability_data['vulnerability-lookup:meta']['cisa_known_exploited']) }}
       {% endif %}
     {% endif %}
     <a href="https://nvd.nist.gov/vuln/detail/{{vulnerability_id}}" class="card-link" rel="noreferrer" target="_blank">Show details on NVD website</a>
@@ -389,8 +389,8 @@ <h6 class="card-subtitle mb-2 text-body-secondary">
       {% else %}
         <p class="card-text">{{vulnerability_data['containers']['cna']['descriptions'][0]['value']}}</p>
       {%endif%}
-      {%if 'cisa_known_exploited' in vulnerability_data['meta']%}
-        {{ cisa_known_exploited_view(vulnerability_data['meta']['cisa_known_exploited']) }}
+      {%if 'cisa_known_exploited' in vulnerability_data['vulnerability-lookup:meta']%}
+        {{ cisa_known_exploited_view(vulnerability_data['vulnerability-lookup:meta']['cisa_known_exploited']) }}
       {%endif%}
     {%endif%}
     {{ collapse_raw(source, vulnerability_id, vulnerability_data) }}