Script to verify, for a set of CVE, if the MITRE has released them and if a link to the security advisory on the CVE owner site has been added (python 3).

check_cve_state.py

#!/usr/bin/python
# -*- coding: utf-8 -*-
"""
Script to verify, for a set of CVE, if the MITRE has released them
and if a link to the security advisory on the CVE owner site has been added.

Dependencies: pip install requests
"""
import requests
import collections
import argparse
import json

# Define constants
MITRE_URL_TPL = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=%s"
SECURITY_ADVISORY_BASE_URL = "https://www.excellium-services.com/cert-xlm-advisory"

# Define parser for command line arguments
parser = argparse.ArgumentParser(description="Script to verify, for a set of CVE, if the MITRE has released them and if a link to the security advisory on the CVE owner site has been added.", epilog="call example: check_cve_state.py -o test.json -c CVE-2016-1161 CVE-2018-15631")
parser.add_argument('-c', action="store", dest="cve_list", help="List of CVE ID separated by a space.", required=True, nargs='+')
parser.add_argument('-o', action="store", dest="output_file", help="Save verification in a JSON file.", default="state.json", required=False)
args = parser.parse_args()

# Process the list of CVE
cve_count = len(args.cve_list)
result = []
print("[+] Process the %s CVE(s)..." % cve_count)
security_advisory_link_upper = SECURITY_ADVISORY_BASE_URL.upper()
for cve_id in args.cve_list:
    print("  Get info for '%s'..." % cve_id)
    response = requests.get(MITRE_URL_TPL % cve_id)
    if response.status_code != 200:
        print("  [!] Request to MITRE for CVE ID '%s' return an HTTP code %s !" % (cve_id, response.status_code))
    else:
        http_body_upper = response.text.upper()
        cve_info = collections.OrderedDict()
        cve_info["ID"] = cve_id
        cve_info["IsReleased"] = ">RESERVED</A>" not in http_body_upper
        cve_info["ContainAdvisoryLink"] = security_advisory_link_upper in http_body_upper
        result.append(cve_info)
print("[+] Information gathered, saving them to file '%s'..." % args.output_file)
result_json_formatted = json.dumps(result, indent=4)
with open(args.output_file, "w") as dest_file:
    dest_file.write(result_json_formatted)
print("[+] File saved, copy of data printed below:")
print(result_json_formatted)

Execution examples (python 3):

$ python check_cve_state.py -h
usage: check_cve_state.py [-h] -c CVE_LIST [CVE_LIST ...] [-o OUTPUT_FILE]

Script to verify, for a set of CVE, if the MITRE has released them and if a
link to the security advisory on the CVE owner site has been added.

optional arguments:
  -h, --help            show this help message and exit
  -c CVE_LIST [CVE_LIST ...]
                        List of CVE ID separated by a space.
  -o OUTPUT_FILE        Save verification in a JSON file.

call example: check_cve_state.py -o test.json -c CVE-2016-1161 CVE-2018-15631

$ python check_cve_state.py -o test.json -c CVE-2016-1161 CVE-2018-15631 CVE-2018-20664

[+] Process the 3 CVE(s)...
  Get info for 'CVE-2016-1161'...
  Get info for 'CVE-2018-15631'...
  Get info for 'CVE-2018-20664'...
[+] Information gathered, saving them to file 'test.json'...
[+] File saved, copy of data printed below:
[
    {
        "ID": "CVE-2016-1161",
        "IsReleased": true,
        "ContainAdvisoryLink": true
    },
    {
        "ID": "CVE-2018-15631",
        "IsReleased": false,
        "ContainAdvisoryLink": false
    },
    {
        "ID": "CVE-2018-20664",
        "IsReleased": true,
        "ContainAdvisoryLink": false
    }
]