tgamblin/simple-nvd-stats.py

## simple-nvd-stats.py
#!/usr/bin/env python
# Simple NVD Stats, showing vulnerabilities by OS.
# Run on data from https://nvd.nist.gov/download.cfm
# by Todd Gamblin

import re
import subprocess
from contextlib import closing

class Entry(object):
    def __init__(self, eid):
        self.eid = eid
        self.products = set()
        self.score = 0.0


    def __contains__(self, prod_value):
        return any(prod_value in p for p in self.products)


def parse(db_file):
    last_match = None
    db = []

    with closing(open(db_file)) as f:
        for line in f:
            m = re.search(r'<entry id="([^"]*)">', line)
            if m:
                if last_match:
                    db.append(last_match)
                last_match = Entry(m.group(1))
                continue

            m = re.search(r'<vuln:product>cpe:/.:([^>]*)</vuln:product', line)
            if m and last_match:
                last_match.products.add(m.group(1))
                continue

            m = re.search(r'<cvss:score>([^<]*)</cvss:score>', line)
            if m and last_match:
                last_match.score = float(m.group(1))
                continue

    if last_match:
        db.append(last_match)
    return db


db = parse('nvdcve-2.0-2014.xml')

def stats(query):
    tot  = [e for e in db if query in e]
    high = [e for e in tot if e.score >= 7.0]
    med  = [e for e in tot if e.score < 7.0 and e.score >= 4.0 ]
    low  = [e for e in tot if e.score < 4.0]


    print "%-40s%5d%5d%5d%5d" % (query, len(tot), len(high), len(med), len(low))

print "%-40s%5s%5s%5s%5s" % ("PRODUCT", "TOT", "HIGH", "MED", "LOW")
stats('mac_os_x')
stats('mac_os_x:10.10')
stats('mac_os_x:10.9')
stats('mac_os_x:10.8')
stats('mac_os_x:10.7')
stats('mac_os_x:10.6')
stats('mac_os_x:10.5')

print
stats('linux:linux_kernel')
stats('linux:linux_kernel:3.10')
stats('linux:linux_kernel:3.4')
stats('linux:linux_kernel:2.6')
stats('linux:linux_kernel:2.5')

print
stats('apple:iphone_os')
stats('apple:iphone_os:8')
stats('apple:iphone_os:7')
stats('apple:iphone_os:6')

print
stats('google:android')
stats('google:android:4')
stats('google:android:3')
stats('google:android:2')
stats('google:android:1')

print
stats('microsoft:win')
stats('microsoft:windows_server_2008')
stats('microsoft:windows_7')
stats('microsoft:windows_server_2012')
stats('microsoft:windows_8')
stats('microsoft:windows_8.1')
stats('microsoft:windows_vista')
stats('microsoft:windows_rt')
	#!/usr/bin/env python
	# Simple NVD Stats, showing vulnerabilities by OS.
	# Run on data from https://nvd.nist.gov/download.cfm
	# by Todd Gamblin

	import re
	import subprocess
	from contextlib import closing

	class Entry(object):
	def __init__(self, eid):
	self.eid = eid
	self.products = set()
	self.score = 0.0


	def __contains__(self, prod_value):
	return any(prod_value in p for p in self.products)


	def parse(db_file):
	last_match = None
	db = []

	with closing(open(db_file)) as f:
	for line in f:
	m = re.search(r'<entry id="([^"]*)">', line)
	if m:
	if last_match:
	db.append(last_match)
	last_match = Entry(m.group(1))
	continue

	m = re.search(r'<vuln:product>cpe:/.:([^>]*)</vuln:product', line)
	if m and last_match:
	last_match.products.add(m.group(1))
	continue

	m = re.search(r'<cvss:score>([^<]*)</cvss:score>', line)
	if m and last_match:
	last_match.score = float(m.group(1))
	continue

	if last_match:
	db.append(last_match)
	return db


	db = parse('nvdcve-2.0-2014.xml')

	def stats(query):
	tot = [e for e in db if query in e]
	high = [e for e in tot if e.score >= 7.0]
	med = [e for e in tot if e.score < 7.0 and e.score >= 4.0 ]
	low = [e for e in tot if e.score < 4.0]



	print "%-40s%5d%5d%5d%5d" % (query, len(tot), len(high), len(med), len(low))

	print "%-40s%5s%5s%5s%5s" % ("PRODUCT", "TOT", "HIGH", "MED", "LOW")
	stats('mac_os_x')
	stats('mac_os_x:10.10')
	stats('mac_os_x:10.9')
	stats('mac_os_x:10.8')
	stats('mac_os_x:10.7')
	stats('mac_os_x:10.6')
	stats('mac_os_x:10.5')

	print
	stats('linux:linux_kernel')
	stats('linux:linux_kernel:3.10')
	stats('linux:linux_kernel:3.4')
	stats('linux:linux_kernel:2.6')
	stats('linux:linux_kernel:2.5')

	print
	stats('apple:iphone_os')
	stats('apple:iphone_os:8')
	stats('apple:iphone_os:7')
	stats('apple:iphone_os:6')

	print
	stats('google:android')
	stats('google:android:4')
	stats('google:android:3')
	stats('google:android:2')
	stats('google:android:1')

	print
	stats('microsoft:win')
	stats('microsoft:windows_server_2008')
	stats('microsoft:windows_7')
	stats('microsoft:windows_server_2012')
	stats('microsoft:windows_8')
	stats('microsoft:windows_8.1')
	stats('microsoft:windows_vista')
	stats('microsoft:windows_rt')