# frozen_string_literal: true
# Parses and queries the data in Red Hat's rpm-to-cve.xml file,
# which Red Hat publishes through its security API.
# Reference: https://www.redhat.com/security/data/metrics/
require 'ox'
require 'json'
require 'rest-client'
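# Loads Red Hat's rpm-to-cve.xml mapping and answers "which CVEs are recorded
# for this RPM?" queries against it.
#
# The answers are only as trustworthy as the file on disk: this class parses
# whatever +filepath+ contains and performs no integrity or freshness check.
class RhelRpmToCve
  # filepath == /path/to/rpm-to-cve.xml
  # file     == raw contents read from filepath
  # xml      == the document returned by Ox.parse for those contents
  attr_accessor :filepath, :file, :xml

  # @param filepath [String, nil] path to a local rpm-to-cve.xml; when nil
  #   nothing is read or parsed and +file+/+xml+ stay nil.
  def initialize(filepath: nil)
    @filepath = filepath
    return unless filepath

    @file = File.read(filepath)
    @xml = Ox.parse(file)
  end

  # @return [Array] the +rpm+ attribute of every child of the <rpms> element.
  def list_pkg_names
    xml.rpms.locate('?/@rpm')
  end

  # Downloads the current rpm-to-cve.xml from Red Hat and writes it to +path+.
  #
  # NOTE: the response body is written unparsed and unvalidated, directly over
  # any existing file, so a truncated or unexpected response replaces the
  # previous good copy. The in-memory +file+/+xml+ are NOT refreshed; build a
  # new instance to query the downloaded data.
  # NOTE: +path+ is used as given; callers must not pass an untrusted path.
  # NOTE(review): rest-client normally raises for 4xx/5xx responses, so the
  # error-string branch is presumably only reached for other non-200 codes -
  # confirm against the rest-client version in use.
  #
  # @param path [String] destination file.
  # @return [Integer, String] the File.write result on HTTP 200, otherwise an
  #   error string carrying the status code.
  def refresh_rpm_to_cve_file(path)
    response = RestClient::Request.execute(
      method: :get,
      url: 'https://www.redhat.com/security/data/metrics/rpm-to-cve.xml'
    )
    return "Error. HTTP Status code: #{response.code}" unless response.code == 200

    File.write(path, response.body)
  end

  # @param pkg_name [String] exact value of the +rpm+ attribute.
  # @return [Boolean] whether the name is among list_pkg_names.
  def pkg_exists?(pkg_name)
    list_pkg_names.include?(pkg_name)
  end

  # @param pkg_name [String] exact value of the +rpm+ attribute.
  # @return [Hash, String] a hash with :rhel_package_name, :cves and
  #   :cve_count, or the string 'Package not found.' when no <rpm> element
  #   carries that name.
  def cves_per_pkg_name(pkg_name)
    pkg_summary(pkg_name, find_pkg(pkg_name))
  end

  # Returns the first <rpm> element whose +rpm+ attribute equals +pkg_name+.
  #
  # The name is compared as data instead of being interpolated into an Ox
  # locate path: a caller-supplied name containing characters that are
  # significant in that path syntax (such as "/", "=" or "]") could otherwise
  # change which node is selected or make the path invalid.
  #
  # @param pkg_name [#to_s] package name to look up.
  # @return [Object, nil] the matching element, or nil when there is none.
  def find_pkg(pkg_name)
    wanted = pkg_name.to_s
    xml.rpms.locate('rpm').find { |node| rpm_name(node) == wanted }
  end

  # Serialises the summary of every package in list_pkg_names.
  #
  # Builds one name => element index up front so the conversion is a single
  # pass rather than a full rescan of the document for every package.
  #
  # @return [String] JSON array of the per-package results.
  def convert_to_json
    index = pkg_index
    list_pkg_names.map { |pkg_name| pkg_summary(pkg_name, index[pkg_name]) }.to_json
  end

  private

  # Reads the +rpm+ attribute of an element; both symbol and string keys are
  # checked because the key type depends on how the document was parsed.
  def rpm_name(node)
    attrs = node.attributes
    attrs[:rpm] || attrs['rpm']
  end

  # Maps each package name to the first <rpm> element that carries it.
  def pkg_index
    xml.rpms.locate('rpm').each_with_object({}) do |node, index|
      index[rpm_name(node)] ||= node
    end
  end

  # Builds the result for one package from its element (nil means not found).
  def pkg_summary(pkg_name, node)
    return 'Package not found.' unless node

    cves = node.locate('*/cve').map(&:text).compact
    {
      rhel_package_name: pkg_name,
      cves: cves,
      cve_count: cves.count
    }
  end
end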