Skip to content

Commit

Permalink
use external_references instead of description #63
Browse files Browse the repository at this point in the history
  • Loading branch information
@fqrious
fqrious committed Dec 12, 2024
1 parent a35508f commit 22d24d1
Showing 1 changed file with 14 additions and 2 deletions.
16 changes: 14 additions & 2 deletions vulmatch/server/arango_helpers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -350,13 +350,25 @@ def get_vulnerabilities(self):
if q := self.query_as_array('attack_id'):
binds['attack_ids'] = q
filters.append('''
FILTER LENGTH(FOR d IN nvd_cve_edge_collection FILTER doc._id == d._from AND d.relationship_type == 'exploited-using' AND d._arango_cve_processor_note == "cve-attack" AND LAST(SPLIT(d.description, ' ')) IN @attack_ids LIMIT 1 RETURN TRUE) > 0
FILTER LENGTH(
FOR d IN nvd_cve_edge_collection
FILTER doc._id == d._from AND d.relationship_type == 'exploited-using' AND d._arango_cve_processor_note == "cve-attack" AND NOT doc._is_ref AND d.external_references
FILTER FIRST(FOR c IN d.external_references FILTER c.source_name == 'mitre-attack' RETURN c.external_id) IN @attack_ids
LIMIT 1
RETURN TRUE
) > 0
''')

if q := self.query_as_array('capec_id'):
binds['capec_ids'] = q
filters.append('''
FILTER LENGTH(FOR d IN nvd_cve_edge_collection FILTER doc._id == d._from AND d.relationship_type == 'exploited-using' AND d._arango_cve_processor_note == "cve-capec" AND LAST(SPLIT(d.description, ' ')) IN @capec_ids LIMIT 1 RETURN TRUE) > 0
FILTER LENGTH(
FOR d IN nvd_cve_edge_collection
FILTER doc._id == d._from AND d.relationship_type == 'exploited-using' AND d._arango_cve_processor_note == "cve-capec" AND NOT doc._is_ref AND d.external_references
FILTER FIRST(FOR c IN d.external_references FILTER c.source_name == 'capec' RETURN c.external_id) IN @capec_ids
LIMIT 1
RETURN TRUE
) > 0
''')

query = """
Expand Down

0 comments on commit 22d24d1

Please sign in to comment.