| """CVE database interface for Shield Agents.""" |
|
|
| |
| KNOWN_CVES = { |
| "CVE-2021-44228": { |
| "title": "Log4Shell - Remote Code Injection in Log4j", |
| "severity": "CRITICAL", |
| "affected": "Apache Log4j 2.0-beta9 through 2.14.1", |
| "description": "Remote code execution via JNDI lookups in Log4j", |
| }, |
| "CVE-2022-22965": { |
| "title": "Spring4Shell - RCE in Spring Framework", |
| "severity": "CRITICAL", |
| "affected": "Spring Framework 5.3.0 to 5.3.17, 5.2.0 to 5.2.19", |
| "description": "Remote code execution via data binding", |
| }, |
| "CVE-2023-44487": { |
| "title": "HTTP/2 Rapid Reset Attack", |
| "severity": "HIGH", |
| "affected": "Multiple HTTP/2 implementations", |
| "description": "Denial of service via HTTP/2 stream cancellation", |
| }, |
| "CVE-2021-41773": { |
| "title": "Apache HTTP Server Path Traversal", |
| "severity": "HIGH", |
| "affected": "Apache HTTP Server 2.4.49", |
| "description": "Path traversal and file disclosure", |
| }, |
| "CVE-2020-9484": { |
| "title": "Apache Tomcat Session Deserialization", |
| "severity": "HIGH", |
| "affected": "Apache Tomcat 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34", |
| "description": "Deserialization of session data leading to RCE", |
| }, |
| } |
|
|
|
|
| def lookup_cve(cve_id: str) -> dict: |
| """Look up a CVE by ID. |
| |
| Args: |
| cve_id: CVE identifier (e.g., 'CVE-2021-44228'). |
| |
| Returns: |
| CVE information dictionary, or empty dict if not found. |
| """ |
| return KNOWN_CVES.get(cve_id, {}) |
|
|
|
|
| def search_cves(keyword: str) -> list: |
| """Search for CVEs matching a keyword. |
| |
| Args: |
| keyword: Search keyword. |
| |
| Returns: |
| List of matching CVE dictionaries. |
| """ |
| results = [] |
| keyword_lower = keyword.lower() |
| for cve_id, info in KNOWN_CVES.items(): |
| if (keyword_lower in info["title"].lower() or |
| keyword_lower in info["description"].lower()): |
| results.append({"id": cve_id, **info}) |
| return results |
|
|