geronzi/full_updater
2
0
Fork 0
Code Issues Pull requests Projects Releases 27 Packages Wiki Activity Actions

feat(cve): add severity and vector columns to CVE list
All checks were successful
Build and Release .deb / build-deb (push) Successful in 21s
Details

Browse source 
- Parse [remote|local] and [severity] from debsecan output
- Display Severity and Vector columns in CVEListScreen
- Severity values: unimportant, low, medium, high, critical
This commit is contained in:
enzo 2026-05-13 04:20:14 +02:00
parent 721e677fa6
commit 13d826ecd2
2 changed files with 13 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
full_updater/backend/scanner.py
View file

@ -226,9 +226,16 @@ def scan_cve(target: Target) -> tuple[bool, list[dict[str, str]], str]:
cves = [] cves = []
for line in stdout.splitlines(): for line in stdout.splitlines():
m = re.match(r"(CVE-\d{4}-\d+)\s+(\S+)", line) # Format: CVE-XXXX-XXXX package [remote|local] [severity] - description
m = re.match(r"(CVE-\d{4}-\d+)\s+(\S+)(?:\s+\[(remote|local)\])?(?:\s+\[(unimportant|low|medium|high|critical)\])?", line)
if m: if m:
cves.append({"id": m.group(1), "package": m.group(2), "url": f"https://security-tracker.debian.org/tracker/{m.group(1)}"}) cves.append({
"id": m.group(1),
"package": m.group(2),
"vector": m.group(3) or "?",
"severity": m.group(4) or "?",
"url": f"https://security-tracker.debian.org/tracker/{m.group(1)}"
})
return True, cves, "" return True, cves, ""

6
full_updater/ui/detail_screens.py
View file

@ -90,15 +90,17 @@ class CVEListScreen(Screen):
with Horizontal(id="toolbar"): with Horizontal(id="toolbar"):
yield Button("⬅ Retour", id="cve-back", variant="default") yield Button("⬅ Retour", id="cve-back", variant="default")
table = DataTable(id="cve-table") table = DataTable(id="cve-table")
table.add_columns("CVE-ID", "Paquet", "Corrigeable", "Lien") table.add_columns("CVE-ID", "Paquet", "Severite", "Vecteur", "Corrigeable", "Lien")
table.cursor_type = "row" table.cursor_type = "row"
for i, cve in enumerate(self.cves): for i, cve in enumerate(self.cves):
cve_id = cve.get("id", "?") cve_id = cve.get("id", "?")
pkg = cve.get("package", "?") pkg = cve.get("package", "?")
url = cve.get("url", "") url = cve.get("url", "")
severity = cve.get("severity", "?")
vector = cve.get("vector", "?")
fixable = "🟢 Oui" if cve.get("fixable") else "🔴 Non" fixable = "🟢 Oui" if cve.get("fixable") else "🔴 Non"
self.urls[i] = url self.urls[i] = url
table.add_row(cve_id, pkg, fixable, url) table.add_row(cve_id, pkg, severity, vector, fixable, url)
yield table yield table
def on_data_table_row_selected(self, event: DataTable.RowSelected): def on_data_table_row_selected(self, event: DataTable.RowSelected):