Update cpe_search, which updates its algorithm and params

ra1nb0rn · Nov 30, 2023 · 1ef3d0b · 1ef3d0b
1 parent bc6f53a
commit 1ef3d0b
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 12 deletions.
diff --git a/cpe_search b/cpe_search
diff --git a/search_vulns.py b/search_vulns.py
@@ -413,13 +413,13 @@ def search_vulns(query, db_cursor=None, software_match_threshold=CPE_SEARCH_THRE
     return vulns
 
 
-def search_vulns_return_cpe(query, db_cursor=None, software_match_threshold=CPE_SEARCH_THRESHOLD, keep_data_in_memory=False, add_other_exploits_refs=False, is_good_cpe=False, zero_extend_versions=False, ignore_general_cpe_vulns=False):
+def search_vulns_return_cpe(query, db_cursor=None, software_match_threshold=CPE_SEARCH_THRESHOLD, keep_data_in_memory=False, add_other_exploits_refs=False, is_good_cpe=False, ignore_general_cpe_vulns=False):
     """Search for known vulnerabilities based on the given query and return them with their CPE"""
 
     cpe, pot_cpes = query, []
     if not MATCH_CPE_23_RE.match(query):
         is_good_cpe = False
-        cpes = search_cpes(query, count=5, threshold=0.25, zero_extend_versions=zero_extend_versions, keep_data_in_memory=keep_data_in_memory)
+        cpes = search_cpes(query, count=5, threshold=0.25, keep_data_in_memory=keep_data_in_memory)
 
         if not cpes or not cpes[query]:
             return {query: {'cpe': None, 'vulns': None, 'pot_cpes': []}}

diff --git a/tests/test_related_queries.py b/tests/test_related_queries.py
@@ -13,7 +13,7 @@ class TestSearches(unittest.TestCase):
     def test_search_wp_100_42_3(self):
         self.maxDiff = None
         query = 'WordPress 100.42.3'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:a:wordpress:wordpress:100.42.3:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*', 0.7071067811865475)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])
@@ -22,7 +22,7 @@ def test_search_wp_100_42_3(self):
     def test_apache_airflow_100_42_3(self):
         self.maxDiff = None
         query = 'Airflow 100.42.3'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:a:apache:airflow:100.42.3:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:apache:airflow:0.1:*:*:*:*:*:*:*', 0.40824812725634746)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])
@@ -31,7 +31,7 @@ def test_apache_airflow_100_42_3(self):
     def test_apache_airflow_no_version(self):
         self.maxDiff = None
         query = 'Airflow'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:apache:airflow:0.1:*:*:*:*:*:*:*', 0.5773500383793437)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])
@@ -40,7 +40,7 @@ def test_apache_airflow_no_version(self):
     def test_jquery_100_42_3(self):
         self.maxDiff = None
         query = 'jQuery 100.42.3'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:a:jquery:jquery:100.42.3:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:jquery:jquery:-:*:*:*:*:*:*:*', 0.7071067811865475), ('cpe:2.3:a:jqueryui:jquery_ui:100.42.3:*:*:*:*:jquery:*:*', -1), ('cpe:2.3:a:jqueryui:jquery_ui:1.0:*:*:*:*:jquery:*:*', 0.554700143311105), ('cpe:2.3:a:jqueryui:jquery_ui:1.10.0:-:*:*:*:jquery:*:*', 0.554700143311105), ('cpe:2.3:a:jqueryui:jquery_ui:100.42.3:beta1:*:*:*:jquery:*:*', -1)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])
@@ -49,7 +49,7 @@ def test_jquery_100_42_3(self):
     def test_search_jfrog_artifactory_4_29_0(self):
         self.maxDiff = None
         query = 'jfrog artifactory 4.29.0'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:a:jfrog:artifactory:4.29.0:-:*:*:*:-:*:*', -1), ('cpe:2.3:a:jfrog:artifactory:1.3.0:-:*:*:*:-:*:*', 0.6666664001499099), ('cpe:2.3:a:jfrog:artifactory:4.29.0:*:*:*:*:jenkins:*:*', -1), ('cpe:2.3:a:jfrog:artifactory:1.0.1:*:*:*:*:jenkins:*:*', 0.5601121185995755)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])
@@ -58,7 +58,7 @@ def test_search_jfrog_artifactory_4_29_0(self):
     def test_search_dell_omsa_9_4_0_2(self):
         self.maxDiff = None
         query = 'dell omsa 9.4.0.2'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:a:dell:openmanage_server_administrator:9.4.0.2:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:dell:openmanage_server_administrator:5.2.0:*:*:*:*:*:*:*', 0.8677219629380439), ('cpe:2.3:a:dell:openmanage_server_administrator:1.00.0000:*:*:*:*:*:*:*', 0.8000001708355547), ('cpe:2.3:a:dell:emc_openmanage_server_administrator:9.4.0.2:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:dell:emc_openmanage_server_administrator:11.0.0.0:*:*:*:*:*:*:*', 0.7302967433402214), ('cpe:2.3:a:dell:openmanage_server_administrator_installer:9.4.0.2:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:dell:openmanage_server_administrator_installer:1.0.0:*:*:*:*:*:*:*', 0.730296368510777)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])
@@ -67,7 +67,7 @@ def test_search_dell_omsa_9_4_0_2(self):
     def test_search_citrix_adc_13_1_42_47(self):
         self.maxDiff = None
         query = 'citrix adc 13.1-42.47'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:a:citrix:application_delivery_controller:13.1-42.47:*:*:*:-:*:*:*', -1), ('cpe:2.3:a:citrix:application_delivery_controller:13.1:*:*:*:-:*:*:*', 0.8908703582652887), ('cpe:2.3:a:citrix:application_delivery_controller:13.1-21.50:*:*:*:*:*:*:*', 0.8164962543292243), ('cpe:2.3:h:citrix:application_delivery_controller:13.1-42.47:*:*:*:*:*:*:*', -1), ('cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*', 0.7921181545730472), ('cpe:2.3:a:citrix:netscaler_application_delivery_controller:13.1-42.47:*:*:*:-:*:*:*', -1), ('cpe:2.3:a:citrix:netscaler_application_delivery_controller:13.1-49.13:*:*:*:-:*:*:*', 0.7580975941026593)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])
@@ -76,7 +76,7 @@ def test_search_citrix_adc_13_1_42_47(self):
     def test_search_citrix_adc_no_version(self):
         self.maxDiff = None
         query = 'citrix adc'
-        result = search_vulns.search_vulns_return_cpe(query=query, zero_extend_versions=True)
+        result = search_vulns.search_vulns_return_cpe(query)
         expected_related_cpes = [('cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*', 0.9701426473495096), ('cpe:2.3:a:citrix:application_delivery_controller:*:*:*:*:*:*:*:*', -1), ('cpe:2.3:a:citrix:application_delivery_controller:12.1:*:*:*:-:*:*:*', 0.8728711218881599), ('cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*', 0.8728711218881599), ('cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*', -1), ('cpe:2.3:o:citrix:application_delivery_controller_firmware:10.1:*:*:*:*:*:*:*', 0.8164961618556671)]
         for i, (expected_related_cpe, match_score) in enumerate(expected_related_cpes):
             self.assertEqual(expected_related_cpe, result[query]['pot_cpes'][i][0])

diff --git a/web_server.py b/web_server.py
@@ -45,7 +45,7 @@ def search_vulns():
 
     conn = sqlite3.connect(DB_URI, uri=True)
     db_cursor = conn.cursor()
-    vulns = search_vulns_call(query, db_cursor=db_cursor, keep_data_in_memory=True, add_other_exploits_refs=True, ignore_general_cpe_vulns=ignore_general_cpe_vulns, zero_extend_versions=True, is_good_cpe=is_good_cpe)
+    vulns = search_vulns_call(query, db_cursor=db_cursor, keep_data_in_memory=True, add_other_exploits_refs=True, ignore_general_cpe_vulns=ignore_general_cpe_vulns, is_good_cpe=is_good_cpe)
 
     if vulns is None:
         RESULTS_CACHE[url_query_string] = {}