Parse a fireeye advisory repo and return an AdvisoryData or None. These files are in Markdown format.
(raw_data, file, base_path)
| 56 | |
| 57 | |
| 58 | def parse_advisory_data(raw_data, file, base_path) -> AdvisoryData: |
| 59 | """ |
| 60 | Parse a fireeye advisory repo and return an AdvisoryData or None. |
| 61 | These files are in Markdown format. |
| 62 | """ |
| 63 | relative_path = str(file.relative_to(base_path)).strip("/") |
| 64 | advisory_url = ( |
| 65 | f"https://github.com/mandiant/Vulnerability-Disclosures/blob/master/{relative_path}" |
| 66 | ) |
| 67 | raw_data = raw_data.replace("\n\n", "\n") |
| 68 | md_list = raw_data.split("\n") |
| 69 | md_dict = md_list_to_dict(md_list) |
| 70 | |
| 71 | database_id = md_list[0][1::] |
| 72 | summary = md_dict.get(database_id[1::]) or [] |
| 73 | description = md_dict.get("## Description") or [] |
| 74 | impact = md_dict.get("## Impact") # not used but can be used to get severity |
| 75 | exploit_ability = md_dict.get("## Exploitability") # not used |
| 76 | cve_ref = md_dict.get("## CVE Reference") or [] |
| 77 | tech_details = md_dict.get("## Technical Details") # not used |
| 78 | resolution = md_dict.get("## Resolution") # not used |
| 79 | disc_credits = md_dict.get("## Discovery Credits") # not used |
| 80 | disc_timeline = md_dict.get("## Disclosure Timeline") # not used |
| 81 | references = md_dict.get("## References") or [] |
| 82 | cwe_data = md_dict.get("## Common Weakness Enumeration") or [] |
| 83 | |
| 84 | return AdvisoryData( |
| 85 | aliases=get_aliases(database_id, cve_ref), |
| 86 | summary=build_description(" ".join(summary), " ".join(description)), |
| 87 | references=get_references(references), |
| 88 | weaknesses=get_weaknesses(cwe_data), |
| 89 | url=advisory_url, |
| 90 | ) |
| 91 | |
| 92 | |
| 93 | def get_references(references): |