Add support for CWE

Reference: aboutcode-org#651 Signed-off-by: Ziad <ziadhany2016@gmail.com>
ziadhany · Jun 24, 2022 · 473b364 · 473b364
1 parent c94ed57
commit 473b364
Show file tree

Hide file tree

Showing 5 changed files with 62 additions and 2 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -115,3 +115,4 @@ yarl==1.7.2
 zipp==3.8.0
 dateparser==1.1.1
 fetchcode==0.1.0
+cwe==1.6
diff --git a/setup.cfg b/setup.cfg
@@ -78,6 +78,7 @@ install_requires =
     defusedxml>=0.7.1
     Markdown>=3.3.0
     dateparser>=1.1.1
+    cwe==1.6
 
     # networking
     GitPython>=3.1.17

diff --git a/vulnerabilities/migrations/0016_alter_vulnerabilityseverity_unique_together_and_more.py b/vulnerabilities/migrations/0016_alter_vulnerabilityseverity_unique_together_and_more.py
@@ -0,0 +1,26 @@
+# Generated by Django 4.0.4 on 2022-06-24 21:35
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('vulnerabilities', '0015_alter_vulnerabilityseverity_unique_together_and_more'),
+    ]
+
+    operations = [
+        migrations.AlterUniqueTogether(
+            name='vulnerabilityseverity',
+            unique_together=set(),
+        ),
+        migrations.AddField(
+            model_name='vulnerabilityseverity',
+            name='cwe_ids',
+            field=models.JSONField(blank=True, default=list, help_text="Example: {'CWE-327', .. }"),
+        ),
+        migrations.AlterUniqueTogether(
+            name='vulnerabilityseverity',
+            unique_together={('reference', 'scoring_system', 'value', 'cwe_ids')},
+        ),
+    ]
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -11,7 +11,7 @@
 import json
 import logging
 import uuid
-
+from cwe import Database
 from django.core.exceptions import ValidationError
 from django.core.validators import MaxValueValidator
 from django.core.validators import MinValueValidator
@@ -306,11 +306,25 @@ class VulnerabilitySeverity(models.Model):
 
     value = models.CharField(max_length=50, help_text="Example: 9.0, Important, High")
 
+    cwe_ids = models.JSONField(blank=True, default=list, help_text="Example: {327, .. }")
+
+    @property
+    def cwe_details(self):
+        if not self.cwe_ids:
+            return None
+        db = Database()
+        details = {}
+        for cwe_id in json.dumps(self.cwe_ids):
+            weakness = db.get(cwe_id)
+            details.add(weakness.to_dict())
+        return details
+
     class Meta:
         unique_together = (
             "reference",
             "scoring_system",
             "value",
+            "cwe_ids",
         )
 
 

diff --git a/vulnerabilities/templates/vulnerability.html b/vulnerabilities/templates/vulnerability.html
@@ -79,11 +79,29 @@ <h3>Severity</h3>
                         <td>{{ ref.reference_id }}</td>
 
                     {% endif %}
+
                 </tr>
                 {% endfor %}
-            {% endfor %}
+           {% endfor %}
 
             </table>
+
+            {% for ref in object_list %}
+                {% for obj in ref.severities %}
+                    {% if cwe_ids %}
+                        <h3>Weaknesses:</h3>
+                            {% for cwe_id in cwe_ids %}
+                                <a href="https://cwe.mitre.org/data/definitions/{{ cwe_id }}.html">
+                                    CWE-{{cwe_id}}
+                                </a>
+                             {{ cwe_details }}
+                            {% endfor %}
+                            {% else %}
+                                <h3>Weaknesses:</h3>
+                                <p>No CWEs</p>
+                    {% endif %}
+                {% endfor %}
+            {% endfor %}
         {% endif %}
 
         {% if vulnerability.vulnerable_to.all %}