HEX
Server: Apache
System: Linux pdx1-shared-a1-38 6.6.104-grsec-jammy+ #3 SMP Tue Sep 16 00:28:11 UTC 2025 x86_64
User: mmickelson (3396398)
PHP: 8.1.31
Disabled: NONE
$ pwd: /lib/python3/dist-packages/uaclient/api/u/pro/security/cves/__pycache__/
Upload Files
File: //lib/python3/dist-packages/uaclient/api/u/pro/security/cves/__pycache__/v1.cpython-310.pyc
o

��Jh-�	@s�ddlZddlmZmZmZmZddlmZmZddl	m
Z
ddlmZddl
mZmZddlmZddlmZdd	lmZmZmZmZmZmZmZmZGd
d�de�ZGdd
�d
e�ZGdd�de�ZGdd�de�Z Gdd�de�Z!Gdd�dee�Z"Gdd�de�Z#de$fdd�Z%dede"fdd�Z&dedee'efde'de"fd d!�Z(ded"ede"fd#d$�Z)e
d%d&e)ed'�Z*d(d)d*e"eggd+d,d-�Z+dS).�N)�Any�Dict�List�Optional)�system�util)�APIEndpoint)�AdditionalInfo)�VulnerabilityParser�get_vulnerabilities)�get_apt_cache_datetime)�UAConfig)�
BoolDataValue�
DataObject�DatetimeDataValue�Field�FloatDataValue�StringDataValue�	data_dict�	data_listc@sNeZdZededdd�ededdd�gZddd�deedeefdd	�Zd
S)�CVEsOptions�	unfixableFzShow only unfixable CVES.��doc�fixablezShow only fixable CVES.�rrcC�||_||_dS�Nr)�selfrr�r�E/usr/lib/python3/dist-packages/uaclient/api/u/pro/security/cves/v1.py�__init__)s
zCVEsOptions.__init__N)	�__name__�
__module__�__qualname__rr�fieldsr�boolr!rrrr rs*������rc@s`eZdZededdd�ededdd�ededdd�ed	ed
d�gZdededed	efdd�Zd
S)�CVEAffectedPackage�nameFzThe CVE namer�fix_versionz.The version that fixes the CVE for the package�
fix_statusz)The status of the CVE fix for the package�
fix_originz*The pocket where the fix is available fromcC�||_||_||_||_dSr�r(r)r*r+)rr(r)r*r+rrr r!Ns
zCVEAffectedPackage.__init__N�r"r#r$rrr%�strr!rrrr r'3sD���������r'c@sBeZdZededd�edee�dd�gZdede	efdd�Z
dS)	�AffectedPackage�current_versionz"The current version of the packager�cvesz The CVE that affects the packagecCrr�r1r2)rr1r2rrr r!es
zAffectedPackage.__init__N)r"r#r$rrrr'r%r/rr!rrrr r0Ws"���
��r0c@s:eZdZededd�ededd�gZdedefdd�ZdS)	�
RelatedUSNr(zThe USN namer�titlez
The USN titlecCrr�r(r5)rr(r5rrr r!zs
zRelatedUSN.__init__Nr.rrrr r4ls���
r4c@s�eZdZededd�ededd�ededd�edee�d	d
d�eded	dd�ed
ed	dd�gZdddddd�de	de
j
de	deee	dee
d
ee	deeedeee	fdd�ZdS)�CVEInfo�descriptionzThe CVE descriptionr�published_atzThe CVE published date�priorityzThe ubuntu priority for the CVE�notesFzA list of notes for the CVE�
cvss_scorezThe CVE cvss score�
cvss_severityzThe CVE cvss severityN)r;r<r=�related_usns�related_packagesr>r?c	Cs4||_||_||_||_||_||_||_||_dSr�r8r9r:r;r<r=r>r?)	rr8r9r:r;r<r=r>r?rrr r!�s
zCVEInfo.__init__)r"r#r$rrrrrr%r/�datetimerr�floatr4r!rrrr r7sr�������*����
���
	�

�r7c
@sleZdZedeed�dd�edeed�dd�gZdd�dee	efdee	efd	e
j
d
ee
j
fdd�ZdS)
�
CVEsResult�packages)�	value_clszcA dictionary where the keys are installed package names and the values are AffectedPackage objects.rr2zMA dictionary where the keys are CVE names and the values are CVEInfo objects.N)�apt_updated_at�vulnerability_data_published_atrFcCr,r�rDr2rGrF)rrDr2rGrFrrr r!�s
zCVEsResult.__init__)
r"r#r$rrr0r7r%rr/rArr!rrrr rC�s,����
�
��	�rCc@s`eZdZdZdeeefdeeeffdd�Zdeeefdeeefdeeeffdd	�Zd
S)�	CVEParserr2�affected_pkg�returncCs|�|ji�Sr)�get�vulnerability_type)rrJrrr �get_package_vulnerabilities�sz%CVEParser.get_package_vulnerabilities�vulnerability_info�vulnerabilities_datacCs\|�d�r,g}|�di��di�}|dD]}|�||�|i��dd�d��q||d<|S)Nr>�security_issues�usnsr5�r6)rL�append)rrOrPr>�usn_info�related_usnrrr � _post_process_vulnerability_info�s
����	z*CVEParser._post_process_vulnerability_infoN)	r"r#r$rMrr/rrNrWrrrr rI�s
�

�
�
�
�rIrKcCs4|�d�o	|�d�}|jr|rdS|jr|sdSdS)Nr)r+FT)rLrr)�cve�options�
is_fixablerrr �cve_status_match_options�s

r[rYcCst|t��Sr)�_cvesr
)rYrrr r2	sr2�vulnerabilitiesrGc	
s�i}t��t|�di����D]@\}}g}t|�dg�dd�d�D]!}t||�rB|�t|d|d|d|d	d
����|d�q!|rOt|d|d�||<q�fd
d�t|�di���dd�d�D�}t	||t
�|�t�d�S)NrDr2cS�|dS)Nr(r)rXrrr �<lambda>�z(_parse_vulnerabilities.<locals>.<lambda>)�keyr(r)r*r+r-r1r3csji|]1\}}|�vr|t|dt�|d�|d|d|d|ddd�|�dg�D�|�d	g�d
��qS)r8r9�ubuntu_priorityr;r<r=cSs(g|]}t|�dd�|�dd�d��qS)r(rSr5r6)r4rL)�.0rVrrr �
<listcomp>6s�

��z5_parse_vulnerabilities.<locals>.<dictcomp>.<listcomp>r>r?r@)r7r�parse_rfc3339_daterL)rc�cve_namerX��allowed_cvesrr �
<dictcomp>.s �
�
�z*_parse_vulnerabilities.<locals>.<dictcomp>r]cSr^)Nrr)�vrrr r_Ar`rH)
�set�sortedrL�itemsr[rTr'�addr0rCrrer)	rYr]rGrD�pkg_name�package_info�pkg_cvesrXr2rrgr �_parse_vulnerabilitiessP�
�
���
��
����rr�cfgcCsH|jr|jrd|_d|_t��j}tt�||d�}|j}t|||j	d�S)z�
    This endpoint shows the CVE vulnerabilites in the system.
    By default, this API will show all CVEs that affect the system.
    F)�parserrs�series)rYr]rG)
rrr�get_release_inforurrI�vulnerabilities_inforrrG)rYrsru�cve_vulnerabilities_result�cve_vulnerabilitiesrrr r\Ps
��r\�v1�CVEs)�versionr(�fn�options_cls�35Tzs
from uaclient.api.u.pro.security.cves.v1 import cves, CVEsOptions

options = CVEsOptions()
result = cves(options)
zpro api u.pro.security.cves.v1a�
{
    "cves": {
      "CVE-2023-5678": {
        "cvss_score": 8.1,
        "cvss_severity": "high",
        "description": "description example",
        "notes": [
          "note example",
        ],
        "priority": "medium",
        "published_at": ".*"
      }
    },
    "packages": {
      "accountsservice": {
        "current_version": "0.6.40-2ubuntu11.6",
        "cves": [
          {
            "fix_origin": "esm-infra",
            "fix_status": "fixed",
            "fix_version": "0.6.40-2ubuntu11.6+esm1",
            "name": "CVE-2023-5678"
          }
        ]
      },
      "libaccountsservice0": {
        "current_version": "0.6.40-2ubuntu11.6",
        "cves": [
          {
            "fix_origin": "esm-infra",
            "fix_status": "fixed",
            "fix_version": "0.6.40-2ubuntu11.6+esm1",
            "name": "CVE-2023-5678"
          }
        ]
      }
    },
}
)�
introduced_in�requires_network�example_python�result_class�ignore_result_classes�
exceptions�example_cli�example_json),rA�typingrrrr�uaclientrr�uaclient.api.apir�uaclient.api.data_typesr	�+uaclient.api.u.pro.security.cves._common.v1r
r�uaclient.aptr�uaclient.configr
�uaclient.data_typesrrrrrrrrrr'r0r4r7rCrIr&r[r2r/rrr\�endpoint�_docrrrr �<module>sj($>#
�
��
��
�A��
� �
�
@ Telegram