pontos.cpe package¶

exception pontos.cpe.CPEParsingError¶: An error occurred while parsing a CPE

class pontos.cpe.Part(value)¶: Represents the possible values for a part CPE attribute

class pontos.cpe.CPE(*, cpe_string=None, part, vendor, product, version=None, update=None, edition=None, language=None, sw_edition=None, target_sw=None, target_hw=None, other=None)¶

Represents a Common Platform Enumeration (CPE) name

Supports CPE specification 2.2 (uri) and 2.3 (formatted string)

part¶: Value should be “a” for application, “o” for operating system or “h” for hardware

vendor¶: Person or organization that manufactured or created the product

product¶: Identifies the most common and recognizable title or name of the product

version¶: A vendor-specific alphanumeric string characterizing the particular release version of the product

update¶: A vendor-specific alphanumeric string characterizing the particular update, service pack, or point release of the product

edition¶: The edition attribute is considered deprecated in the 2.3 CPE specification, and it should be assigned the logical value ANY except where required for backward compatibility with version 2.2 of the CPE specification. This attribute is referred to as the “legacy edition” attribute

language¶: Defines the language supported in the user interface of the product (as language tags defined by RFC5646)

sw_edition¶: Characterizes how the product is tailored to a particular market or class of end users. Extended attribute introduced with version 2.3 of the CPE specification

target_sw¶: Characterizes the software computing environment within which the product operates. Extended attribute introduced with version 2.3 of the CPE specification

hardware_sw¶: Characterizes the instruction set architecture (e.g., x86) on which the product operates. Extended attribute introduced with version 2.3 of the CPE specification

other¶: Captures any other general descriptive or identifying information which is vendor- or product-specific and which does not logically fit in any other attribute value. Extended attribute introduced with version 2.3 of the CPE specification

cpe_string¶: The original parsed CPE string

Example

from pontos.cpe import CPE

cpe = CPE.from_string("cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*")

print(cpe.vendor)           # google
print(cpe.product)          # android
print(cpe.version)          # 13.0
print(cpe.as_uri_binding()) # cpe:/o:google:android:13.0

static from_string(cpe)¶

Create a new CPE from a string

Return type:: CPE

has_extended_attribute()¶

Returns True if the CPE has an extended attribute set

Return type:: bool

is_uri_binding()¶

Returns True if the CPE is parsed from a URI binding

Return type:: bool

is_formatted_string_binding()¶

Returns True if the CPE is parsed from a formatted string binding

Return type:: bool

as_uri_binding()¶

Converts the CPE to an URI binding

Return type:: str

as_formatted_string_binding()¶

Converts the CPE to a formatted string binding

Return type:: str

clone(**kwargs)¶

Clone a CPE and allow to override parts

Example

from pontos.cpe import CPE, ANY

android_13 = CPE.from_string(
    "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*"
)
all_android_versions = cpe.clone(version=ANY)

Return type:: CPE