-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrhds.sh
executable file
·43 lines (33 loc) · 929 Bytes
/
rhds.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/bash
export API_HOST="https://access.redhat.com/hydra/rest/securitydata"
if [ ! -d cves ]; then
mkdir cves
fi
#for cve in $(cat ${1})
for line in $(cat ${1})
do
CVE=$(echo "${line}" | awk -F\, '{print $1}')
IMAGE=$(echo "${line}" | awk -F\, '{print $2}')
#echo "Image: ${IMAGE}"
#echo "CVE: ${CVE}"
if [ ! -f "cves/${CVE}.json" ]
then
if [[ $CVE =~ "CVE" ]]
then
echo "Pulling ${CVE}"
curl --silent -X GET "${API_HOST}/cve/${CVE}.json" -o "cves/${CVE}.json"
else
echo "Pulling ${CVE}"
curl --silent -X GET "${API_HOST}/cvrf/${CVE}.json" -o "cves/${CVE}.json"
fi
fi
IMPACT=$(jq -r -c ".package_state[] | select(.package_name == \"${IMAGE}\") | .fix_state" "cves/${CVE}.json")
echo "${IMAGE},${CVE},${IMPACT}"
done
exit 0
for cve in $(cat ${1})
do
CVSS=$(jq -c -r '.cvss3.cvss3_base_score' "cves/${cve}.json")
echo "Vuln: ${cve} ${CVSS}"
done
exit 0