Mr.X

�

~C�g-�	��SSKrSSKJrJrJrJr SSKJrJr SSK	J
r
 SSKJr SSK
JrJr SSKJr SSKJr SS	KJrJrJrJrJrJrJrJr "S
S\5r"SS
\5r"SS\5r"SS\5r "SS\5r!"SS\\5r""SS\5r#S\$4Sjr%S\S\"4Sjr&S\S\\'\4S\'S\"4Sjr(S\S\S\"4S jr)\
"S!S"\)\S#9r*S$S%S&\"\//S'S(S).r+g)*�N)�Any�Dict�List�Optional)�system�util)�APIEndpoint)�AdditionalInfo)�VulnerabilityParser�get_vulnerabilities)�get_apt_cache_datetime)�UAConfig)�
BoolDataValue�
DataObject�DatetimeDataValue�Field�FloatDataValue�StringDataValue�	data_dict�	data_listc�`�\rSrSr\"S\SSS9\"S\SSS9/rSSS.S\\S\\4S	jjr	S
r
g)�CVEsOptions��	unfixableFzShow only unfixable CVES.��doc�fixablezShow only fixable CVES.�rrc��XlX lg�Nr)�selfrrs   �E/usr/lib/python3/dist-packages/uaclient/api/u/pro/security/cves/v1.py�__init__�CVEsOptions.__init__)s��#����)rrN)�__name__�
__module__�__qualname__�__firstlineno__rr�fieldsr�boolr#�__static_attributes__�r%r"rrsa��
����+�		
�	����)�		
�
�F�$%*�"'�	��D�>���$��	�r%rc	�p�\rSrSr\"S\SSS9\"S\SSS9\"S\SS	S9\"S
\SS9/rS\S\S\S
\4SjrS
r	g)�CVEAffectedPackage�3�nameFzThe CVE namer�fix_versionz.The version that fixes the CVE for the package�
fix_statusz)The status of the CVE fix for the package�
fix_originz*The pocket where the fix is available fromc�4�XlX lX0lX@lgr �r1r2r3r4)r!r1r2r3r4s     r"r#�CVEAffectedPackage.__init__Ns���	�&��$��$�r%)r4r3r2r1N�
r&r'r(r)rrr*�strr#r,r-r%r"r/r/3s���
�����		
�	����@�		
�	����;�		
�	���<�	
�'�F�4%��%�&)�%�7:�%�HK�%r%r/c�X�\rSrSr\"S\SS9\"S\"\5SS9/rS\	S\
\4SjrSrg	)
�AffectedPackage�W�current_versionz"The current version of the packager�cvesz The CVE that affects the packagec��XlX lgr �r=r>)r!r=r>s   r"r#�AffectedPackage.__init__es�� /���	r%r@N)
r&r'r(r)rrrr/r*r9rr#r,r-r%r"r;r;WsN��
���4�	
�
	���(�)�2�	
�
�F��"%��-1�2D�-E�r%r;c�F�\rSrSr\"S\SS9\"S\SS9/rS\S\4SjrSr	g	)
�
RelatedUSN�lr1zThe USN namer�titlez
The USN titlec��XlX lgr �r1rE)r!r1rEs   r"r#�RelatedUSN.__init__zs���	��
r%rGNr8r-r%r"rCrCls@��
����	
�
	����	
�
�F��S���r%rCc��\rSrSr\"S\SS9\"S\SS9\"S\SS9\"S	\"\5S
SS9\"S\S
S
S9\"S\S
SS9/r	SSSSSS.S\
S\RS\
S	\\
\
S\\S\\
S\\
\S\\
\
4SjjrSrg)�CVEInfo��descriptionzThe CVE descriptionr�published_atzThe CVE published date�priorityzThe ubuntu priority for the CVE�notesFzA list of notes for the CVE�
cvss_scorezThe CVE cvss score�
cvss_severityzThe CVE cvss severityN)rOrPrQ�related_usns�related_packagesrRrSc�d�XlX lX0lX@lXPlX`lXplX�lgr �rLrMrNrOrPrQrRrS)	r!rLrMrNrOrPrQrRrSs	         r"r#�CVEInfo.__init__�s3��'��(�� �
��
�$��*��)�� 0�r%)rPrQrLrOrNrMrSrR)r&r'r(r)rrrrrr*r9�datetimerr�floatrCr#r,r-r%r"rJrJs��
���%�	
�
	���(�	
�
	���1�	
�
	���o�&��-�		
�	����$�		
�	����'�		
�9"�F�T&*�&*�'+�37�04�1��1��'�'�	1�
�1���S�	�"�
1��U�O�1� ��}�1��t�J�/�0�1�#�4��9�-�1�1r%rJc
��\rSrSr\"S\"\S9SS9\"S\"\S9SS9/rSS	.S\	\
\4S\	\
\4S
\RS\\R4Sjjr
S
rg)�
CVEsResult��packages)�	value_clszcA dictionary where the keys are installed package names and the values are AffectedPackage objects.rr>zMA dictionary where the keys are CVE names and the values are CVEInfo objects.N)�apt_updated_at�vulnerability_data_published_atr^c�4�XlX lX0lX@lgr �r\r>r_r^)r!r\r>r_r^s     r"r#�CVEsResult.__init__�s��!�
��	�/N�,�,�r%)r^r>r\r_)r&r'r(r)rrr;rJr*rr9rWrr#r,r-r%r"rZrZ�s���
����0�u�	
�
	����(�_�	
�
�F�,7;�-��s�O�+�,�-��3��<� �	-�*2�):�):�-�!��!2�!2�3�-�-r%rZc�r�\rSrSrSrS\\\4S\\\44SjrS\\\4S\\\4S\\\44Sjr	S	r
g
)�	CVEParser��r>�affected_pkg�returnc�:�URUR05$r )�get�vulnerability_type)r!rfs  r"�get_package_vulnerabilities�%CVEParser.get_package_vulnerabilities�s������ 7� 7��<�<r%�vulnerability_info�vulnerabilities_datac��URS5(ah/nURS05RS05nUSH7nURUURU05RSS5S.5 M9 X1S'U$)NrR�security_issues�usnsrE�rG)ri�append)r!rmrnrR�usn_info�related_usns      r"� _post_process_vulnerability_info�*CVEParser._post_process_vulnerability_info�s���
�!�!�.�1�1��L�+�/�/�0A�2�F�J�J����H� 2�.�A���#�#� +�!)���k�2�!>�!B�!B�#�R�"��� B�2>�~�.�!�!r%r-N)r&r'r(r)rjrr9rrkrvr,r-r%r"rdrd�sf����=� ��c��N�=�	
�c�3�h��=�
"� ��c��N�"�#�3��8�n�"�
�c�3�h��	"r%rdrgc��URS5=(a URS5nUR(aU(agUR(aU(dgg)Nr2r4FT)rirr)�cve�options�
is_fixables   r"�cve_status_match_optionsr|�s;������'�A�C�G�G�L�,A�J����Z��	�����r%rzc�*�[U[55$r )�_cvesr)rzs r"r>r>	s����(�*�%�%r%�vulnerabilitiesr_c��0n[5n[URS05R55H�upV/n[URS/5SS9HPn[	X�5(a)UR[
USUSUSUSS	95 M<URUS5 MR U(dM[US
US9X5'M� [URS05R5S
S9V	VV
s0sH�up�X�;dMU	[US[R"US5USUSUSUSURS/5V
s/sH-n
[U
RSS5U
RSS5S9PM/ sn
URS/5S9_M� nnn	n
[UU[R"U5[5S9$s sn
fs sn
nn	f)Nr\r>c��US$)Nr1r-)rys r"�<lambda>�(_parse_vulnerabilities.<locals>.<lambda>s��#�f�+r%)�keyr1r2r3r4r6r=r@rc��US$)Nrr-)�vs r"r�r�Bs��!�A�$r%rLrM�ubuntu_priorityrOrPrQrRrrrErGrSrUra)�set�sortedri�itemsr|rsr/�addr;rJr�parse_rfc3339_daterCrZr
)rzrr_r\�blocked_cves�pkg_name�package_info�pkg_cvesry�cve_namerur>s            r"�_parse_vulnerabilitiesr�s
��
�H��5�L�"(����J��+�1�1�3�#���������V�R�(�.E�
�C�(��5�5����&� ��[�$'�
�$6�#&�|�#4�#&�|�#4�	��� � ��V��-�
��8�!0� ,�->� ?��"�H��)#�T$���� 1�2�6�<�<�>��
�#�"
�M�H��'�)	
��'��M�*��0�0��^�1D�E��*�+��g�,��<�(��o�.�$'�7�7�>�2�#>��
$?�K�	�$�����4�%�/�/�'�2�6��$?��!�W�W�%7��<�
�	
� 
�#	��0��
�(,�(?�(?�+�)
�.�/�
���!��s�5G	�AG	�
4G �>G	�G	�cfgc��UR(aUR(aSUlSUl[R"5Rn[[
5UUS9nURn[UUURS9$)z{
This endpoint shows the CVE vulnerabilites in the system.
By default, this API will show all CVEs that affect the system.
F)�parserr��series)rzrr_)
rrr�get_release_infor�rrd�vulnerabilities_infor�r_)rzr�r��cve_vulnerabilities_result�cve_vulnerabilitiess     r"r~r~Qsv�����W�_�_�!������
�
$�
$�
&�
-�
-�F�!4��{���"��
5�I�I��!��+�(B�(b�(b��r%�v1�CVEs)�versionr1�fn�options_cls�35Tzs
from uaclient.api.u.pro.security.cves.v1 import cves, CVEsOptions

options = CVEsOptions()
result = cves(options)
zpro api u.pro.security.cves.v1a�
{
    "cves": {
      "CVE-2023-5678": {
        "cvss_score": 8.1,
        "cvss_severity": "high",
        "description": "description example",
        "notes": [
          "note example",
        ],
        "priority": "medium",
        "published_at": ".*"
      }
    },
    "packages": {
      "accountsservice": {
        "current_version": "0.6.40-2ubuntu11.6",
        "cves": [
          {
            "fix_origin": "esm-infra",
            "fix_status": "fixed",
            "fix_version": "0.6.40-2ubuntu11.6+esm1",
            "name": "CVE-2023-5678"
          }
        ]
      },
      "libaccountsservice0": {
        "current_version": "0.6.40-2ubuntu11.6",
        "cves": [
          {
            "fix_origin": "esm-infra",
            "fix_status": "fixed",
            "fix_version": "0.6.40-2ubuntu11.6+esm1",
            "name": "CVE-2023-5678"
          }
        ]
      }
    },
}
)�
introduced_in�requires_network�example_python�result_class�ignore_result_classes�
exceptions�example_cli�example_json),rW�typingrrrr�uaclientrr�uaclient.api.apir	�uaclient.api.data_typesr
�+uaclient.api.u.pro.security.cves._common.v1rr�uaclient.aptr
�uaclient.configr�uaclient.data_typesrrrrrrrrrr/r;rCrJrZrdr+r|r>r9r�r~�endpoint�_docr-r%r"�<module>r�s@���,�,�!�(�2��0�$�	�	�	��*��4!%��!%�H�j��*���&;1�j�;1�|-��^�-�> "�#� "�F�d��&�
�&��&�?�
�?��#�s�(�^�?�&)�?��	?�D�
��	����>��	���	������(�\��3�'�5�r%
Name	Type	Size	Permission	Actions
__init__.cpython-313.pyc	File	172 B	0644
v1.cpython-313.pyc	File	12.17 KB	0644
Upload:

Command:

Filemanager

Server Info

System Info

User Info
