robertpostill/cve-search.rkt

## cve-search.rkt
#lang racket/base

(require quickscript)
(require racket/string)
(require net/url)
(require json)

(define LAST-30-CVES-ENDPOINT "https://cve.circl.lu/api/last")
(define SPECIFIC-CVE-ENDPOINT "https://cve.circl.lu/api/cve/") ; e.g. https://cve.circl.lu/api/cve/CVE-2010-3333
(define CVE-REGEXP #px"CVE-\\d{4}-\\d{4}")

;; given: empty string, expect: the latest CVE details
;; given: "CVE-2017-5969" a valid CVE-ID, expect: CVE report in a message box
(define-script cve-search
  #:label "CVE Search"
  #:output-to message-box
  #:help-string "A function to help you gather CVE information, if you use it with a text slection it will try and work out if there any CVEs referenced by your selection"
  (λ (selection)
    (if (regexp-match CVE-REGEXP selection)
        (cve-details (car (regexp-match CVE-REGEXP selection)))
        (latest-cve)
        )))

;; return a string containing the last 30 CVEs ID and their summary
;; I think I could make this more efficient but it seems the vast bulk of the time is in the network request (as you'd expect)
(define (latest-cve)
  (define cves (call/input-url (string->url LAST-30-CVES-ENDPOINT)
                               get-pure-port
                               read-json))
  (define cve-summaries (map (lambda (cve)
                               (string-append (hash-ref cve 'id) " : " (hash-ref cve 'summary)))
                             cves))
  (car cve-summaries))

;; return a CVE from a specific CVE id
;; I'd like to have the references render as links
(define (cve-details cve-id)
  (define cve-report (call/input-url (string->url (string-append SPECIFIC-CVE-ENDPOINT cve-id))
                                     get-pure-port
                                     read-json))
  (define cve-summary
    (string-append "Published: " (hash-ref cve-report 'Published) "\n"
                   "Summary: " (hash-ref cve-report 'summary) "\n"
                   "References: " (string-append* (map (lambda (ref) (string-append ref "\n")) (hash-ref cve-report 'references)))))
  cve-summary)
	#lang racket/base

	(require quickscript)
	(require racket/string)
	(require net/url)
	(require json)

	(define LAST-30-CVES-ENDPOINT "https://cve.circl.lu/api/last")
	(define SPECIFIC-CVE-ENDPOINT "https://cve.circl.lu/api/cve/") ; e.g. https://cve.circl.lu/api/cve/CVE-2010-3333
	(define CVE-REGEXP #px"CVE-\\d{4}-\\d{4}")

	;; given: empty string, expect: the latest CVE details
	;; given: "CVE-2017-5969" a valid CVE-ID, expect: CVE report in a message box
	(define-script cve-search
	#:label "CVE Search"
	#:output-to message-box
	#:help-string "A function to help you gather CVE information, if you use it with a text slection it will try and work out if there any CVEs referenced by your selection"
	(λ (selection)
	(if (regexp-match CVE-REGEXP selection)
	(cve-details (car (regexp-match CVE-REGEXP selection)))
	(latest-cve)
	)))

	;; return a string containing the last 30 CVEs ID and their summary
	;; I think I could make this more efficient but it seems the vast bulk of the time is in the network request (as you'd expect)
	(define (latest-cve)
	(define cves (call/input-url (string->url LAST-30-CVES-ENDPOINT)
	get-pure-port
	read-json))
	(define cve-summaries (map (lambda (cve)
	(string-append (hash-ref cve 'id) " : " (hash-ref cve 'summary)))
	cves))
	(car cve-summaries))

	;; return a CVE from a specific CVE id
	;; I'd like to have the references render as links
	(define (cve-details cve-id)
	(define cve-report (call/input-url (string->url (string-append SPECIFIC-CVE-ENDPOINT cve-id))
	get-pure-port
	read-json))
	(define cve-summary
	(string-append "Published: " (hash-ref cve-report 'Published) "\n"
	"Summary: " (hash-ref cve-report 'summary) "\n"
	"References: " (string-append* (map (lambda (ref) (string-append ref "\n")) (hash-ref cve-report 'references)))))
	cve-summary)