Jh- ddlZddlmZmZmZmZddlmZmZddl m Z ddl m Z ddl mZmZddlmZddlmZdd lmZmZmZmZmZmZmZmZGd d eZGd d eZGddeZGddeZ GddeZ!Gddee Z"GddeZ#de$fdZ%dede"fdZ&dedee'efde'de"fdZ(dedede"fd Z)e d!d"e)e#Z*d$d%d&e"eggd'd(d)Z+y)*N)AnyDictListOptional)systemutil) APIEndpoint)AdditionalInfo)VulnerabilityParserget_vulnerabilities)get_apt_cache_datetime)UAConfig) BoolDataValue DataObjectDatetimeDataValueFieldFloatDataValueStringDataValue data_dict data_listc`eZdZededdededdgZddddeedeefdZy ) CVEsOptions unfixableFzShow only unfixable CVES.docfixablezShow only fixable CVES.rrc ||_||_yNr)selfrrs E/usr/lib/python3/dist-packages/uaclient/api/u/pro/security/cves/v1.py__init__zCVEsOptions.__init__)s # N) __name__ __module__ __qualname__rrfieldsrboolr"r#r!rrs\   +     )   F$%*"' D>$ r#rc~eZdZededdededdededded ed gZdededed efd Zy ) CVEAffectedPackagenameFz The CVE namer fix_versionz.The version that fixes the CVE for the package fix_statusz)The status of the CVE fix for the package fix_originz*The pocket where the fix is available fromc<||_||_||_||_yrr,r-r.r/)r r,r-r.r/s r!r"zCVEAffectedPackage.__init__Ns! &$$r#Nr$r%r&rrr'strr"r)r#r!r+r+3s        @     ;    < 'F4%%&)%7:%HK%r#r+cZeZdZedededeedgZdede efdZ y)AffectedPackagecurrent_versionz"The current version of the packagercvesz The CVE that affects the packagec ||_||_yrr6r7)r r6r7s r!r"zAffectedPackage.__init__es / r#N) r$r%r&rrrr+r'r3rr"r)r#r!r5r5WsN  4   ( )2 F"%-12D-Er#r5cHeZdZededededgZdedefdZy) RelatedUSNr,z The USN namertitlez The USN titlec ||_||_yrr,r<)r r,r<s r!r"zRelatedUSN.__init__zs  r#Nr2r)r#r!r;r;ls@      FSr#r;ceZdZedededededededeed d ed ed d ed ed dgZddddddde de jde de e e d e e d e e de e ede e e fdZy)CVEInfo descriptionzThe CVE descriptionr published_atzThe CVE published datepriorityzThe ubuntu priority for the CVEnotesFzA list of notes for the CVE cvss_scorezThe CVE cvss score cvss_severityzThe CVE cvss severityN)rDrErF related_usnsrelated_packagesrGrHct||_||_||_||_||_||_||_||_yrrArBrCrDrErFrGrH) r rArBrCrDrErFrGrHs r!r"zCVEInfo.__init__sC'(   $*) 0r#)r$r%r&rrrrrr'r3datetimerrfloatr;r"r)r#r!r@r@s  %   (   1   o & -     $     '  9"FT&*&*'+370411'' 1  1 S " 1UO1 }1tJ/01#49-1r#r@c eZdZedeededeedgZdddee efdee efd e jd e e jfd Z y) CVEsResultpackages) value_clszcA dictionary where the keys are installed package names and the values are AffectedPackage objects.rr7zMA dictionary where the keys are CVE names and the values are CVEInfo objects.N)apt_updated_atvulnerability_data_published_atrQc<||_||_||_||_yrrOr7rRrQ)r rOr7rRrQs r!r"zCVEsResult.__init__s"!  /N,,r#) r$r%r&rrr5r@r'rr3rKrr"r)r#r!rNrNs   0u    (_ F,7;-sO+,-3< -*2):):-!!2!23-r#rNcfeZdZdZdeeefdeeeffdZdeeefdeeefdeeeffdZy) CVEParserr7 affected_pkgreturnc:|j|jiSr)getvulnerability_type)r rWs r!get_package_vulnerabilitiesz%CVEParser.get_package_vulnerabilitiess 7 7<)rZappend)r r]r^rGusn_info related_usns r! _post_process_vulnerability_infoz*CVEParser._post_process_vulnerability_infos  ! !. 1L+//0A2FJJH 2.A  ## +!)k2!>!B!B#R" 2> ~ .!!r#N) r$r%r&r[rr3rr\rfr)r#r!rVrVsf= cN= c3h= " cN"#38n" c3h "r#rVrXc|jdxr|jd}|jr|ry|jr|syy)Nr-r/FT)rZrr)cveoptions is_fixables r!cve_status_match_optionsrks;'ACGGL,AJZ  r#ric*t|tSr)_cvesr)ris r!r7r7 s (* %%r#vulnerabilitiesrRci}t}t|jdijD]\}}g}t|jdgdD]M}t ||s|j t |d|d|d|d |j|dO|syt|d | ||<t|jd ijd D  cic]\} }| |vr| t|dtj|d|d|d|d|d|jdgD cgc]/} t| jdd| jdd1c} |jdg} }} } t|| tj|tScc} wcc} }} w)NrOr7c |dS)Nr,r))rhs r!z(_parse_vulnerabilities..s #f+r#)keyr,r-r.r/r1r6r9rnc |dS)Nrr))vs r!rqz(_parse_vulnerabilities..As !A$r#rArBubuntu_priorityrDrErFrGrbr<r>rHrJrT)setsortedrZitemsrkrcr+addr5r@rparse_rfc3339_dater;rNr ) rirnrRrO allowed_cvespkg_name package_infopkg_cvesrhcve_namerer7s r!_parse_vulnerabilitiesrs H5L"(J+113#,   VR (.E .C(W5& [$' $6#&|#4#&|#4   V- . !0 ,-> ?"HX 'R$    12 6 < < > #  " Hc | #) 'M*00^1DE*+g,<(o. $'77>2#>   $4%//'26!WW%7<   D 0  (,(?(? +) ./  ! s4AG4G 9GGcfgc|jr|jrd|_d|_tjj}t t ||}|j}t|||jS)z This endpoint shows the CVE vulnerabilites in the system. By default, this API will show all CVEs that affect the system. F)parserrseries)rirnrR) rrrget_release_inforr rVvulnerabilities_inforrR)rirrcve_vulnerabilities_resultcve_vulnerabilitiess r!rmrmPsvW__!  $ $ & - -F!4{ " 5II !+(B(b(b r#v1CVEs)versionr,fn options_cls35Tzs from uaclient.api.u.pro.security.cves.v1 import cves, CVEsOptions options = CVEsOptions() result = cves(options) zpro api u.pro.security.cves.v1a { "cves": { "CVE-2023-5678": { "cvss_score": 8.1, "cvss_severity": "high", "description": "description example", "notes": [ "note example", ], "priority": "medium", "published_at": ".*" } }, "packages": { "accountsservice": { "current_version": "0.6.40-2ubuntu11.6", "cves": [ { "fix_origin": "esm-infra", "fix_status": "fixed", "fix_version": "0.6.40-2ubuntu11.6+esm1", "name": "CVE-2023-5678" } ] }, "libaccountsservice0": { "current_version": "0.6.40-2ubuntu11.6", "cves": [ { "fix_origin": "esm-infra", "fix_status": "fixed", "fix_version": "0.6.40-2ubuntu11.6+esm1", "name": "CVE-2023-5678" } ] } }, } ) introduced_inrequires_networkexample_python result_classignore_result_classes exceptions example_cli example_json),rKtypingrrrruaclientrruaclient.api.apir uaclient.api.data_typesr +uaclient.api.u.pro.security.cves._common.v1r r uaclient.aptr uaclient.configruaclient.data_typesrrrrrrrrrr+r5r;r@rNrVr(rkr7r3rrmendpoint_docr)r#r!rsA,,!(20$   *4!%!%Hj*&;1j;1|-^-> "# "Fd& && > >#s(^>&)> >B  @       (\3'5r#