Shield Agents
🛡️ Initial release - Shield Agents v1.0.0
de31cf7
Raw
History Blame Contribute Delete
2.11 kB
"""CVE database interface for Shield Agents."""
# Known CVEs relevant to common vulnerabilities
KNOWN_CVES = {
"CVE-2021-44228": {
"title": "Log4Shell - Remote Code Injection in Log4j",
"severity": "CRITICAL",
"affected": "Apache Log4j 2.0-beta9 through 2.14.1",
"description": "Remote code execution via JNDI lookups in Log4j",
},
"CVE-2022-22965": {
"title": "Spring4Shell - RCE in Spring Framework",
"severity": "CRITICAL",
"affected": "Spring Framework 5.3.0 to 5.3.17, 5.2.0 to 5.2.19",
"description": "Remote code execution via data binding",
},
"CVE-2023-44487": {
"title": "HTTP/2 Rapid Reset Attack",
"severity": "HIGH",
"affected": "Multiple HTTP/2 implementations",
"description": "Denial of service via HTTP/2 stream cancellation",
},
"CVE-2021-41773": {
"title": "Apache HTTP Server Path Traversal",
"severity": "HIGH",
"affected": "Apache HTTP Server 2.4.49",
"description": "Path traversal and file disclosure",
},
"CVE-2020-9484": {
"title": "Apache Tomcat Session Deserialization",
"severity": "HIGH",
"affected": "Apache Tomcat 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34",
"description": "Deserialization of session data leading to RCE",
},
}
def lookup_cve(cve_id: str) -> dict:
"""Look up a CVE by ID.
Args:
cve_id: CVE identifier (e.g., 'CVE-2021-44228').
Returns:
CVE information dictionary, or empty dict if not found.
"""
return KNOWN_CVES.get(cve_id, {})
def search_cves(keyword: str) -> list:
"""Search for CVEs matching a keyword.
Args:
keyword: Search keyword.
Returns:
List of matching CVE dictionaries.
"""
results = []
keyword_lower = keyword.lower()
for cve_id, info in KNOWN_CVES.items():
if (keyword_lower in info["title"].lower() or
keyword_lower in info["description"].lower()):
results.append({"id": cve_id, **info})
return results