Skip to content

Commit f709f9f

Browse files
committed
Update views.py
1 parent 6434817 commit f709f9f

File tree

1 file changed

+82
-31
lines changed

1 file changed

+82
-31
lines changed

vulmatch/server/views.py

Lines changed: 82 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,7 @@ class VulnerabilityStatus(models.models.TextChoices):
5353
description=textwrap.dedent(
5454
"""
5555
Search and filter CVE records. This endpoint only returns the vulnerability objects for matching CVEs.
56+
5657
Once you have the CVE ID you want, you can get all associated data linked to it (e.g. Indicator Objects) using the bundle endpoint.
5758
5859
If you already know the CVE ID, use the Get a Vulnerability by ID endpoint
@@ -138,41 +139,91 @@ class CveView(viewsets.ViewSet):
138139
lookup_url_kwarg = 'cve_id'
139140
openapi_path_params = [
140141
OpenApiParameter('stix_id', type=OpenApiTypes.STR, location=OpenApiParameter.PATH, description='The STIX ID, e.g `vulnerability--4d2cad44-0a5a-5890-925c-29d535c3f49e`.'),
141-
OpenApiParameter('cve_id', type=OpenApiTypes.STR, location=OpenApiParameter.PATH, description='The CVE ID, e.g `CVE-2024-3125`'),
142+
OpenApiParameter('cve_id', type=OpenApiTypes.STR, location=OpenApiParameter.PATH, description='The CVE ID, e.g `CVE-2023-22518`'),
142143

143144
]
144145

145-
146146
class filterset_class(FilterSet):
147-
stix_id = MultipleChoiceFilter(help_text='Filter the results using the STIX ID of a `vulnerability` object. e.g. `vulnerability--4d2cad44-0a5a-5890-925c-29d535c3f49e`.')
148-
cve_id = CharFilter(help_text='Filter the results using a CVE ID. e.g. `CVE-2023-22518`')
149-
description = CharFilter(help_text='Filter the results by the description of the Vulnerability. Search is a wildcard, so `exploit` will return all descriptions that contain the string `exploit`.')
150-
has_kev = BooleanFilter(label=dedent('''
151-
Filter the results to only include those reported by CISA KEV (Known Exploited Vulnerability).
152-
'''))
153-
cpes_vulnerable = BaseCSVFilter(label=dedent('''
154-
Filter Vulnerabilities that are vulnerable to a full or partial CPE Match String. Search is a wildcard to support partial match strings (e.g. `cpe:2.3:o:microsoft:windows` will match `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*`, `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*`, etc.\n\n
155-
`cve-cpe` mode must have been triggered on the Arango CTI Processor endpoint for this to work.
156-
'''))
157-
cpes_in_pattern = BaseCSVFilter(label=dedent('''
158-
Filter Vulnerabilities that contain a full or partial CPE Match String. Note, this will return Vulnerabilities that are vulnerable and not vulnerable (e.g. an operating system might not be vulnerable, but it might be required for software running on it to be vulnerable). Search is a wildcard to support partial match strings (e.g. `cpe:2.3:o:microsoft:windows` will match `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*`, `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*`, etc.\n\n
159-
`cve-cpe` mode must have been triggered on the Arango CTI Processor endpoint for this to work.
160-
'''))
161-
weakness_id = BaseCSVFilter(label=dedent("""
162-
Filter results by weakness (CWE ID). e.g. `CWE-122`.\n\n
163-
filters using the `external_references` property of `vulnerability` object
164-
"""))
165-
cvss_base_score_min = NumberFilter(help_text="The minumum CVSS score you want. `0` is lowest, `10` is highest.")
166-
epss_score_min = NumberFilter(help_text="The minimum EPSS score you want. Between `0` (lowest) and `1` highest to 2 decimal places (e.g. `9.34`).\n\n`cve-epss` mode must have been triggered on the Arango CTI Processor endpoint for this to work.")
167-
epss_percentile_min = NumberFilter(help_text="The minimum EPSS percentile you want. Between `0` (lowest) and `1` highest to 2 decimal places (e.g. `9.34`).\n\n`cve-epss` mode must have been triggered on the Arango CTI Processor endpoint for this to work.")
168-
created_min = DateTimeFilter(help_text="Is the minumum `created` value (`YYYY-MM-DDThh:mm:ss.sssZ`)")
169-
created_max = DateTimeFilter(help_text="Is the maximum `created` value (`YYYY-MM-DDThh:mm:ss.sssZ`)")
170-
171-
modified_min = DateTimeFilter(label="Is the minumum `modified` value (`YYYY-MM-DDThh:mm:ss.sssZ`)")
172-
modified_max = DateTimeFilter(label="Is the maximum `modified` value (`YYYY-MM-DDThh:mm:ss.sssZ`)")
173-
sort = ChoiceFilter(choices=[(v, v) for v in CVE_SORT_FIELDS], label="Sort results by")
174-
175-
vuln_status = ChoiceFilter(choices=VulnerabilityStatus.choices, help_text="filter by vulnerability status")
147+
stix_id = MultipleChoiceFilter(help_text=textwrap.dedent(
148+
"""
149+
Filter the results using the STIX ID of a `vulnerability` object. e.g. `vulnerability--4d2cad44-0a5a-5890-925c-29d535c3f49e`.
150+
"""
151+
))
152+
cve_id = CharFilter(help_text=textwrap.dedent(
153+
"""
154+
Filter the results using a CVE ID. e.g. `CVE-2023-22518`
155+
"""
156+
))
157+
description = CharFilter(help_text=textwrap.dedent(
158+
"""
159+
Filter the results by the description of the Vulnerability. Search is a wildcard, so `exploit` will return all descriptions that contain the string `exploit`.'
160+
"""
161+
))
162+
has_kev = BooleanFilter(help_text=textwrap.dedent(
163+
"""
164+
Optionally filter the results to only include those reported by CISA KEV (Known Exploited Vulnerability).
165+
"""
166+
))
167+
cpes_vulnerable = BaseCSVFilter(help_text=textwrap.dedent(
168+
"""
169+
Filter Vulnerabilities that are vulnerable to a full or partial CPE Match String. Search is a wildcard to support partial match strings (e.g. `cpe:2.3:o:microsoft:windows` will match `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*`, `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*`, etc.
170+
"""
171+
))
172+
cpes_in_pattern = BaseCSVFilter(help_text=textwrap.dedent(
173+
"""
174+
Filter Vulnerabilities that contain a full or partial CPE Match String. Note, this will return Vulnerabilities that are vulnerable and not vulnerable (e.g. an operating system might not be vulnerable, but it might be required for software running on it to be vulnerable). Search is a wildcard to support partial match strings (e.g. `cpe:2.3:o:microsoft:windows` will match `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*`, `cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*`, etc.
175+
"""
176+
))
177+
weakness_id = BaseCSVFilter(help_text=textwrap.dedent(
178+
"""
179+
Filter results by weakness (CWE ID). e.g. `CWE-122`. `cve-cwe` mode must be run in Arango CVE Processor first for this to work.
180+
"""
181+
))
182+
cvss_base_score_min = NumberFilter(help_text=textwrap.dedent(
183+
"""
184+
The minumum CVSS score you want. `0` is lowest, `10` is highest.
185+
"""
186+
))
187+
epss_score_min = NumberFilter(help_text=textwrap.dedent(
188+
"""
189+
The minimum EPSS score you want. Between `0` (lowest) and `1` highest to 2 decimal places (e.g. `9.34`).
190+
"""
191+
))
192+
epss_percentile_min = NumberFilter(help_text=textwrap.dedent(
193+
"""
194+
The minimum EPSS percentile you want. Between `0` (lowest) and `1` highest to 2 decimal places (e.g. `9.34`).
195+
"""
196+
))
197+
created_min = DateTimeFilter(help_text=textwrap.dedent(
198+
"""
199+
Is the minimum `created` value (`YYYY-MM-DDThh:mm:ss.sssZ`)
200+
"""
201+
))
202+
created_max = DateTimeFilter(help_text=textwrap.dedent(
203+
"""
204+
Is the maximum `created` value (`YYYY-MM-DDThh:mm:ss.sssZ`)
205+
"""
206+
))
207+
modified_min = DateTimeFilter(label=textwrap.dedent(
208+
"""
209+
Is the minimum `modified` value (`YYYY-MM-DDThh:mm:ss.sssZ`)
210+
"""
211+
))
212+
modified_max = DateTimeFilter(label=textwrap.dedent(
213+
"""
214+
Is the maximum `modified` value (`YYYY-MM-DDThh:mm:ss.sssZ`)
215+
"""
216+
))
217+
sort = ChoiceFilter(choices=[(v, v) for v in CVE_SORT_FIELDS], label=textwrap.dedent(
218+
"""
219+
Sort results by
220+
"""
221+
))
222+
vuln_status = ChoiceFilter(choices=VulnerabilityStatus.choices, help_text=textwrap.dedent(
223+
"""
224+
Filter by the Vulnerability status.
225+
"""
226+
))
176227

177228

178229
def create(self, request, *args, **kwargs):

0 commit comments

Comments
 (0)