#!/usr/bin/perl -w # dumps all CVSS scores for all released updates into CSV. use strict; my $dn = `dirname $0`;chomp($dn); my $pwd = `pwd`;chomp($pwd); if ($dn !~ /^\//) { $dn = $pwd . "/" . $dn; } push @INC,$dn; require CanDBReader; require SMASHData; read_all_cached_issues(); open(CVSSHTML,">cvss.html"); print CVSSHTML "\n"; print CVSSHTML "\n"; open(CVSS,">cvss.csv"); print CVSS "#cve,SUSE base score,SUSE base vector,NVD base score,NVD base vector\n"; foreach my $cve (sort keys %SMASHData::pkgstate) { my $basescore = "unknown"; my $basevector = "unknown"; my $nvdbasescore = "unknown"; my $nvdbasevector = "unknown"; read_smash_issue($cve); if (defined($SMASHData::cvssv3{$cve})) { my %entry = %{$SMASHData::cvssv3{$cve}}; my %score; my %nvdscore; if (defined($entry{'SUSE'})) { %score = %{$entry{'SUSE'}}; $basescore = $score{'base_score'}; $basevector = $score{'base_vector'}; } if (defined($entry{'National Vulnerability Database'})) { %nvdscore = %{$entry{'National Vulnerability Database'}}; $nvdbasescore = $nvdscore{'base_score'}; $nvdbasevector = $nvdscore{'base_vector'}; } else { next; } if ($basescore ne $nvdbasescore) { my $susecolor = " bgcolor=\"#ffff00\""; my $nvdcolor = " bgcolor=\"#ffff00\""; if (($nvdbasescore >= 9.0) && ($basescore < 9.0)) { $susecolor = " bgcolor=\"#ff0000\""; } if (($nvdbasescore >= 7.0) && ($basescore < 7.0)) { $susecolor = " bgcolor=\"#ff0000\""; } if (($nvdbasescore < 9.0) && ($basescore >= 9.0)) { $nvdcolor = " bgcolor=\"#ff0000\""; } if (($nvdbasescore < 7.0) && ($basescore >= 7.0)) { $nvdcolor = " bgcolor=\"#ff0000\""; } if ($nvdbasescore eq "unknown") { $nvdcolor = ""; } if ($basescore eq "unknown") { $susecolor = ""; } my @bugs = split(/,/,$CanDBReader::bugzillas{$cve}); my $bughtml = ""; my %bugs = map { $_ => 1} @bugs; foreach my $bug (sort keys %bugs) { $bughtml .= "$bug
"; } print CVSS "notsame,$cve,$basescore,$basevector,$nvdbasescore,$nvdbasevector\n"; print CVSSHTML "\n"; } else { print CVSS "same,$cve,$basescore,$basevector,$nvdbasescore,$nvdbasevector\n"; } } } close(CVSS); print CVSSHTML "
CVESUSE ScoreNVD score
$cve
$bughtml		$basescore
$basevector		$nvdbasescore
$nvdbasevector
\n"; close(CVSSHTML);