Hugging Face's logo

Spaces:
ChienChung
/
CVE_Analysis_Agent
Sleeping

App Files Community
CVE_Analysis_Agent
File size: 2,880 Bytes
19949cf
 
 
 
 
 
 
 
 
 
 
 
 
 
c73ca9d
19949cf
 
c73ca9d
19949cf
 
 
 
c73ca9d
19949cf
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
be9311f
 
 
 
 
 
 
 
 
 
 
19949cf
 
 
 
 
c73ca9d
 
19949cf
 
 
 
 
 
 
c73ca9d
19949cf
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
#!/usr/bin/env python3
import sys
import os
from cve_validator import validate_cve_id
from api_client import fetch_cve_simple
from storage import save_cve_analysis, load_cve_analysis

def analyze_cve(cve_id, use_cache=True):
    """Analyze CVE with caching support"""
    
    # Check if already analyzed
    if use_cache:
        cached = load_cve_analysis(cve_id)
        if cached:
            print(f"Loading from cache: {cve_id}")
            return cached
    
    print(f"Analyzing {cve_id}...")
    
    # Fetch CVE data
    cve_data = fetch_cve_simple(cve_id)
    if not cve_data:
        print(f"Unable to fetch data for {cve_id}")
        return None
    
    # Display basic information
    cve = cve_data['cve']
    print(f" {cve['id']}")
    print(f"Published: {cve['published']}")
    print(f"Description: {cve['descriptions'][0]['value'][:200]}...")
    
    # Get CVSS score
    if 'metrics' in cve and 'cvssMetricV31' in cve['metrics']:
        cvss = cve['metrics']['cvssMetricV31'][0]['cvssData']
        print(f"CVSS Score: {cvss['baseScore']}")
        print(f"Severity: {cvss['baseSeverity']}")
    
    # Try to generate AI summary
    ai_summary = None
    if os.getenv('OPENAI_API_KEY'):
        print("\n Generating AI summary...")
        try:
            from llm_summarizer import summarize_cve
            ai_summary = summarize_cve(cve_data)
            print(ai_summary)
        except Exception as e:
            print(f"AI summary failed: {e}")
    else:
        print("\n OPENAI_API_KEY not set, skipping AI summary")
    
    # Save analysis results
    analysis = {
        'cve_id': cve_id,
        'cve_data': cve_data,
        'ai_summary': ai_summary
    }
    
    save_cve_analysis(cve_id, cve_data, ai_summary)
    
    # Show similar CVEs if available
    try:
        from vector_storage import vector_storage
        similar_cves = vector_storage.find_similar_cves(cve_id, 3)
        if similar_cves:
            print(f"\n Similar CVEs:")
            for similar in similar_cves:
                print(f"  • {similar['cve_id']} (similarity: {similar['similarity']}) - {similar['description'][:50]}...")
    except:
        pass
    
    return analysis

def main():
    if len(sys.argv) < 2:
        print("Usage:")
        print("python main.py CVE-YYYY-NNNN        # Analyze CVE")
        print("python main.py CVE-YYYY-NNNN --force # Force re-analysis")
        sys.exit(1)
    
    cve_id = sys.argv[1]
    force = '--force' in sys.argv
    
    # Validate CVE ID
    if not validate_cve_id(cve_id):
        print(f"Invalid CVE ID: {cve_id}")
        sys.exit(1)
    
    # Analyze CVE
    result = analyze_cve(cve_id, use_cache=not force)
    
    if result:
        print(f"\n Analysis completed: {cve_id}")
    else:
        print(f"\n Analysis failed: {cve_id}")
        sys.exit(1)

if __name__ == "__main__":
    main()