CVE-Report-Generator/validator.py at master · cyberprogramming1/CVE-Report-Generator · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
import re
import requests


def is_valid_cve_format(cve_id):
    # Define a regex pattern for CVE ID (e.g., CVE-YYYY-NNNNN)
    pattern = re.compile(r'^CVE-\d{4}-\d{4,}$')
    return bool(pattern.match(cve_id))

def cve_exists(cve_id):
    # Check if the CVE ID exists by querying the MITRE CVE API
    url = f"https://cveawg.mitre.org/api/cve-id/{cve_id}"
    headers = {
        'Authorization': 'Bearer YOUR_API_KEY'  # Replace with your actual API key
    }
    response = requests.get(url, headers=headers)

    if response.status_code == 200:
        data = response.json()
        if "error" in data and data["error"] == "CVE_ID_NOT_FOUND":
            return "not found"

        state = data.get('state', 'unknown').upper()

        if state == 'PUBLISHED':
            return True
        elif state in ['RESERVED', 'REJECTED', 'DISPUTED']:
            return state.lower()
        else:
            return 'unknown'
    else:
        return 'CVE-ID Doesnt exist'

def is_url_accessible(url):
    """Check if a URL is accessible by making a HEAD request."""
    try:
        response = requests.head(url, timeout=5)
        return response.status_code != 404
    except requests.RequestException:
        return False