diff --git a/src/main/java/io/gardenlinux/glvd/GlvdService.java b/src/main/java/io/gardenlinux/glvd/GlvdService.java index 0ac5354..53658a0 100644 --- a/src/main/java/io/gardenlinux/glvd/GlvdService.java +++ b/src/main/java/io/gardenlinux/glvd/GlvdService.java @@ -1,9 +1,6 @@ package io.gardenlinux.glvd; -import io.gardenlinux.glvd.db.SourcePackage; -import io.gardenlinux.glvd.db.SourcePackageCve; -import io.gardenlinux.glvd.db.SourcePackageCveRepository; -import io.gardenlinux.glvd.db.SourcePackageRepository; +import io.gardenlinux.glvd.db.*; import jakarta.annotation.Nonnull; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; @@ -24,11 +21,15 @@ public class GlvdService { @Nonnull private final SourcePackageRepository sourcePackageRepository; + @Nonnull + private final CveDetailsRepository cveDetailsRepository; + Logger logger = LoggerFactory.getLogger(GlvdService.class); - public GlvdService(@Nonnull SourcePackageCveRepository sourcePackageCveRepository, @Nonnull SourcePackageRepository sourcePackageRepository) { + public GlvdService(@Nonnull SourcePackageCveRepository sourcePackageCveRepository, @Nonnull SourcePackageRepository sourcePackageRepository, @Nonnull CveDetailsRepository cveDetailsRepository) { this.sourcePackageCveRepository = sourcePackageCveRepository; this.sourcePackageRepository = sourcePackageRepository; + this.cveDetailsRepository = cveDetailsRepository; } private Pageable determinePageAndSortFeatures(SortAndPageOptions sortAndPageOptions) { @@ -103,4 +104,8 @@ cveId, gardenlinuxVersion, determinePageAndSortFeatures(sortAndPageOptions) ); } + public CveDetails getCveDetails(String cveId) { + return cveDetailsRepository.findByCveId(cveId); + } + } diff --git a/src/main/java/io/gardenlinux/glvd/UiController.java b/src/main/java/io/gardenlinux/glvd/UiController.java index e859ee2..22562f7 100644 --- a/src/main/java/io/gardenlinux/glvd/UiController.java +++ b/src/main/java/io/gardenlinux/glvd/UiController.java @@ -87,4 +87,11 @@ gardenlinuxVersion, cveId, new SortAndPageOptions(sortBy, sortOrder, pageNumber, return "getPackagesByVulnerability"; } + @GetMapping("/getCveDetails") + public String getCveDetails(@RequestParam(name = "cveId", required = true) String cveId, Model model) { + var cveDetails = glvdService.getCveDetails(cveId); + model.addAttribute("cveDetails", cveDetails); + return "getCveDetails"; + } + } \ No newline at end of file diff --git a/src/main/java/io/gardenlinux/glvd/db/CveDetails.java b/src/main/java/io/gardenlinux/glvd/db/CveDetails.java new file mode 100644 index 0000000..e961fd3 --- /dev/null +++ b/src/main/java/io/gardenlinux/glvd/db/CveDetails.java @@ -0,0 +1,113 @@ +package io.gardenlinux.glvd.db; + +import jakarta.persistence.Column; +import jakarta.persistence.Entity; +import jakarta.persistence.Id; +import jakarta.persistence.Table; + +@Entity +@Table(name = "cvedetails") +public class CveDetails { + @Id + @Column(name = "cve_id", nullable = false) + private String cveId; + + @Column(name = "vulnstatus", nullable = false) + private String vulnStatus; + + @Column(name = "description", nullable = false) + private String description; + + @Column(name = "published", nullable = false) + private String cvePublishedDate; + + @Column(name = "base_score_v40", nullable = true) + private Float baseScoreV40; + + @Column(name = "base_score_v31", nullable = true) + private Float baseScoreV31; + + @Column(name = "base_score_v30", nullable = true) + private Float baseScoreV30; + + @Column(name = "base_score_v2", nullable = true) + private Float baseScoreV2; + + @Column(name = "vector_string_v40", nullable = true) + private String vectorStringV40; + + @Column(name = "vector_string_v31", nullable = true) + private String vectorStringV31; + + @Column(name = "vector_string_v30", nullable = true) + private String vectorStringV30; + + @Column(name = "vector_string_v2", nullable = true) + private String vectorStringV2; + + public CveDetails() { + } + + public CveDetails(String cveId, String vulnStatus, String description, String cvePublishedDate, Float baseScoreV40, Float baseScoreV31, Float baseScoreV30, Float baseScoreV2, String vectorStringV40, String vectorStringV31, String vectorStringV30, String vectorStringV2) { + this.cveId = cveId; + this.vulnStatus = vulnStatus; + this.description = description; + this.cvePublishedDate = cvePublishedDate; + this.baseScoreV40 = baseScoreV40; + this.baseScoreV31 = baseScoreV31; + this.baseScoreV30 = baseScoreV30; + this.baseScoreV2 = baseScoreV2; + this.vectorStringV40 = vectorStringV40; + this.vectorStringV31 = vectorStringV31; + this.vectorStringV30 = vectorStringV30; + this.vectorStringV2 = vectorStringV2; + } + + public String getCveId() { + return cveId; + } + + public String getVulnStatus() { + return vulnStatus; + } + + public String getDescription() { + return description; + } + + public String getCvePublishedDate() { + return cvePublishedDate; + } + + public Float getBaseScoreV40() { + return baseScoreV40; + } + + public Float getBaseScoreV31() { + return baseScoreV31; + } + + public Float getBaseScoreV30() { + return baseScoreV30; + } + + public Float getBaseScoreV2() { + return baseScoreV2; + } + + public String getVectorStringV40() { + return vectorStringV40; + } + + public String getVectorStringV31() { + return vectorStringV31; + } + + public String getVectorStringV30() { + return vectorStringV30; + } + + public String getVectorStringV2() { + return vectorStringV2; + } +} diff --git a/src/main/java/io/gardenlinux/glvd/db/CveDetailsRepository.java b/src/main/java/io/gardenlinux/glvd/db/CveDetailsRepository.java new file mode 100644 index 0000000..ba85574 --- /dev/null +++ b/src/main/java/io/gardenlinux/glvd/db/CveDetailsRepository.java @@ -0,0 +1,10 @@ +package io.gardenlinux.glvd.db; + +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.repository.query.Param; + +public interface CveDetailsRepository extends JpaRepository { + CveDetails findByCveId( + @Param("cve_id") String cve_id + ); +} diff --git a/src/main/resources/static/index.html b/src/main/resources/static/index.html index 52ad7bf..6b1225e 100644 --- a/src/main/resources/static/index.html +++ b/src/main/resources/static/index.html @@ -29,5 +29,8 @@

Packages affected by CVE-2024-8088 in Garden Linux 1592.0

+

CVE Details for CVE-2024-45490

+ + \ No newline at end of file diff --git a/src/main/resources/templates/getCveDetails.html b/src/main/resources/templates/getCveDetails.html new file mode 100644 index 0000000..69c4c85 --- /dev/null +++ b/src/main/resources/templates/getCveDetails.html @@ -0,0 +1,46 @@ + + + + GLVD: CVE Details + + + + + +

+ +NIST NATIONAL VULNERABILITY DATABASE + +

+ +

+ +

+ +

+

+ +

+

+ +

+

+ +

+

+ + + + \ No newline at end of file diff --git a/src/main/resources/templates/getCveForDistribution.html b/src/main/resources/templates/getCveForDistribution.html index a5759a9..6d7f72c 100644 --- a/src/main/resources/templates/getCveForDistribution.html +++ b/src/main/resources/templates/getCveForDistribution.html @@ -33,7 +33,7 @@ - +

diff --git a/src/main/resources/templates/getCveForPackages.html b/src/main/resources/templates/getCveForPackages.html index fa1e67f..0392800 100644 --- a/src/main/resources/templates/getCveForPackages.html +++ b/src/main/resources/templates/getCveForPackages.html @@ -18,7 +18,7 @@ - +
diff --git a/src/main/resources/templates/getPackagesByVulnerability.html b/src/main/resources/templates/getPackagesByVulnerability.html index ddb8011..edac538 100644 --- a/src/main/resources/templates/getPackagesByVulnerability.html +++ b/src/main/resources/templates/getPackagesByVulnerability.html @@ -18,7 +18,7 @@ - +