diff --git a/vdb/cli.py b/vdb/cli.py
index d83fa01..94aa22c 100644
--- a/vdb/cli.py
+++ b/vdb/cli.py
@@ -149,9 +149,9 @@ def add_table_row(table: Table, res: dict, added_row_keys: dict):
 if cna_container.affected and cna_container.affected.root:
 for each_affected in cna_container.affected.root:
 if each_affected.programRoutines:
- affected_functions |= set([r.name for r in each_affected.programRoutines])
+ affected_functions |= {r.name for r in each_affected.programRoutines}
 if each_affected.modules:
- affected_modules |= set([m for m in each_affected.modules])
+ affected_modules |= {m.root for m in each_affected.modules}
 affected_functions = list(affected_functions)
 affected_modules = list(affected_modules)
 affects = ""
@@ -174,7 +174,7 @@ def print_results(results):
 table.add_column("CVE", justify="left", max_width=20)
 table.add_column("Locator")
 table.add_column("Description")
- table.add_column("Affected Symbols", max_width=40)
+ table.add_column("Affected Symbols", max_width=50)
 if isinstance(results, types.GeneratorType):
 with Live(
 table, console=console, refresh_per_second=4, vertical_overflow="visible"
diff --git a/vdb/lib/nvd.py b/vdb/lib/nvd.py
index 2623e95..9be9605 100644
--- a/vdb/lib/nvd.py
+++ b/vdb/lib/nvd.py
@@ -302,8 +302,8 @@ def convert_vuln_detail(vuln: dict) -> list[VulnerabilityDetail] | None:
 detail = {}
 if not cpe.get("cpe23Uri"):
 continue
- if cpe["vulnerable"] and cpe.get("cpe23Uri"):
- detail["cpe_uri"] = cpe["cpe23Uri"]
+ if cpe["vulnerable"]:
+ detail["cpe_uri"] = cpe.get("cpe23Uri")
 detail["mii"] = cpe.get("versionStartIncluding")
 detail["mie"] = cpe.get("versionStartExcluding")
 detail["mai"] = cpe.get("versionEndIncluding")
diff --git a/vdb/lib/osv.py b/vdb/lib/osv.py
index ba32194..113f762 100644
--- a/vdb/lib/osv.py
+++ b/vdb/lib/osv.py
@@ -20,6 +20,7 @@ parse_purl, ) + # Size of the stream to read and write to the file DOWNLOAD_CHUNK_SIZE = 4096 
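Review bot: In the vdb/lib/nvd.py hunk, `cpe["vulnerable"]` is still a subscript lookup while every other field of the same record is read with `.get`, so a CPE match entry that lacks the key raises KeyError instead of being skipped. The record comes from an external feed, so `if cpe.get("vulnerable"):` would be the tolerant form; whether a KeyError here is caught further up is not visible in the hunk. The switch to `cpe.get("cpe23Uri")` on the following line is redundant, because the guard three lines earlier already continues when that value is missing or empty. The body of convert_vuln_detail starts and ends outside the hunk.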
@@ -169,20 +170,14 @@ def to_vuln(cve_data):
 if ecosystem_specific.get("severity"):
 severity = ecosystem_specific.get("severity")
 if ecosystem_specific.get("affected_functions"):
- affected_functions = affected_functions | set(
- ecosystem_specific.get("affected_functions")
- )
+ affected_functions = affected_functions.union(ecosystem_specific.get("affected_functions"))
 if ecosystem_specific.get("affects", {}).get("functions"):
- affected_functions = affected_functions | set(
- ecosystem_specific.get("affects").get("functions")
- )
+ affected_functions = affected_functions.union(ecosystem_specific.get("affects").get("functions"))
 for aimp in ecosystem_specific.get("imports", []):
 if aimp.get("path"):
 affected_modules.add(aimp.get("path"))
 if aimp.get("symbols"):
- affected_functions = affected_functions | set(
- aimp.get("symbols")
- )
+ affected_functions = affected_functions.union(aimp.get("symbols"))
 if pkg_data.get("database_specific"):
 database_specific = pkg_data.get("database_specific")
 if database_specific.get("cwes"):
@@ -353,6 +348,8 @@ def to_vuln(cve_data):
 )
 try:
 vuln = NvdSource.convert_vuln(orjson.loads(tdata))
+ if vuln is None:
+ continue
 vuln.description = compress_str(description)
 if affected_functions:
 vuln.affects = {
@@ -463,6 +460,8 @@ def to_vuln(cve_data):
 )
 try:
 vuln = NvdSource.convert_vuln(orjson.loads(tdata))
+ if vuln is None:
+ continue
 vuln.description = compress_str(description)
 if affected_functions:
 vuln.affects = {
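Review bot: In the first to_vuln hunk (`@@ -169,20 +170,14 @@`), the three `affected_functions.union(...)` calls merge whatever iterable the advisory supplies, so a plain string under `affected_functions`, `affects.functions` or `symbols` is split into single characters and a list holding dicts raises TypeError. `ecosystem_specific` is free-form feed data, so a type check before merging would keep a malformed advisory from polluting the symbol set, for example `funcs = ecosystem_specific.get("affected_functions")` followed by `if isinstance(funcs, list): affected_functions.update(f for f in funcs if isinstance(f, str))`. The removed `set(...)` form behaved the same way, so this is not a regression introduced here. to_vuln starts and ends outside the hunk.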
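Review bot: The `if vuln is None: continue` guard added at `@@ -353,6 +348,8 @@` and again at `@@ -463,6 +460,8 @@` drops the record without leaving any trace, so an advisory that NvdSource.convert_vuln cannot convert silently disappears from the database. For a vulnerability feed that is a coverage gap worth surfacing: log the advisory identifier at the skip through whatever logger the module already has, and add a comment such as `# convert_vuln returned None: record could not be converted, skip instead of dereferencing None`. The two guarded blocks look identical in the visible lines, so a shared helper would keep the handling from drifting apart. to_vuln starts and ends outside both hunks.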