pontos.nvd.models package ¶

Subpackages ¶

pontos.nvd.models.cpe
pontos.nvd.models.cve
pontos.nvd.models.cvss_v2
pontos.nvd.models.cvss_v3

pontos.nvd.models.cpe¶

class pontos.nvd.models.cpe.DeprecatedBy(cpe_name=None, cpe_name_id=None)¶

A CPE is deprecated by another CPE

cpe_name¶

Name of the CPE that deprecates this CPE

Type:: str | None

cpe_name_id¶

ID of the CPE that deprecates this CPE

Type:: uuid.UUID | None

class pontos.nvd.models.cpe.ReferenceType(value)¶

A CPE reference type

ADVISORY¶: The reference is an advisory

CHANGELOG¶: The reference is a changelog

PRODUCT¶: The reference is a product

PROJECT¶: The reference is a project

VENDOR¶: The reference is a vendor

VERSION¶: The reference is version

class pontos.nvd.models.cpe.Reference(ref, type=None)¶

A CPE reference

ref¶

The content of the reference

Type:: str

type¶

The type of the reference

Type:: pontos.nvd.models.cpe.ReferenceType | None

class pontos.nvd.models.cpe.Title(title, lang)¶

A CPE title

title¶

The actual title

Type:: str

lang¶

Language of the title

Type:: str

class pontos.nvd.models.cpe.CPE(cpe_name, cpe_name_id, deprecated, last_modified, created, titles=<factory>, refs=<factory>, deprecated_by=<factory>)¶

Represents a CPE

cpe_name¶

The name of the CPE

Type:: str

cpe_name_id¶

UUID of the CPE

Type:: uuid.UUID

deprecated¶

True if the CPE is deprecated

Type:: bool

last_modified¶

Last modification date of the CPE

Type:: datetime.datetime

created¶

Creation date of the CPE

Type:: datetime.datetime

titles¶

List of titles for the CPE

Type:: List[pontos.nvd.models.cpe.Title]

refs¶

References to additional data

Type:: List[pontos.nvd.models.cpe.Reference]

deprecated_by¶

Additional information about possible deprecation by another CPE

Type:: List[pontos.nvd.models.cpe.DeprecatedBy]

pontos.nvd.models.cve¶

class pontos.nvd.models.cve.Configuration(nodes, operator=None, negate=None)¶

A CVE configuration

nodes¶

Type:: List[pontos.nvd.models.cve.Node]

operator¶

Type:: pontos.nvd.models.cve.Operator | None

negate¶

Type:: bool | None

class pontos.nvd.models.cve.CPEMatch(vulnerable, criteria, match_criteria_id, version_start_excluding=None, version_start_including=None, version_end_excluding=None, version_end_including=None)¶

A CPE match referencing a vulnerable product with a version range

vulnerable¶

Type:: bool

criteria¶

Type:: str

match_criteria_id¶

Type:: str

version_start_excluding¶

Matches the CPE excluding the specified version

Type:: str | None

version_start_including¶

Matches the CPE including the specified version

Type:: str | None

version_end_excluding¶

Matches the CPE excluding up to the specified version

Type:: str | None

version_end_including¶

Matches the CPE including up to the specified version

Type:: str | None

class pontos.nvd.models.cve.CVSSType(value)¶

The CVSS Type: primary or secondary

PRIMARY¶: A primary CVSS

SECONDARY¶: A secondary CVSS

class pontos.nvd.models.cve.CVSSv2Metric(source, type, cvss_data, base_severity=None, exploitability_score=None, impact_score=None, ac_insuf_info=None, obtain_all_privilege=None, obtain_user_privilege=None, obtain_other_privilege=None, user_interaction_required=None)¶

A CVSSv3 metric

source¶

The source of the CVSS

Type:: str

type¶

The CVSS type

Type:: pontos.nvd.models.cve.CVSSType

cvss_data¶

The actual CVSSv2 data

Type:: pontos.nvd.models.cvss_v2.CVSSData

base_severity¶

Type:: str | None

exploitability_score¶

Type:: float | None

impact_score¶

Type:: float | None

ac_insuf_info¶

Type:: bool | None

obtain_all_privilege¶

Type:: bool | None

obtain_user_privilege¶

Type:: bool | None

obtain_other_privilege¶

Type:: bool | None

user_interaction_required¶

Type:: bool | None

class pontos.nvd.models.cve.CVSSv3Metric(source, type, cvss_data, exploitability_score=None, impact_score=None)¶

A CVSSv3 metric

source¶

The source of the CVSS

Type:: str

type¶

The CVSS type

Type:: pontos.nvd.models.cve.CVSSType

cvss_data¶

The actual CVSSv3 data

Type:: pontos.nvd.models.cvss_v3.CVSSData

exploitability_score¶

Type:: float | None

impact_score¶

Type:: float | None

class pontos.nvd.models.cve.Description(lang, value)¶

A description in a specific language

lang¶

Language of the description

Type:: str

value¶

The actual description

Type:: str

class pontos.nvd.models.cve.Metrics(cvss_metric_v31=<factory>, cvss_metric_v30=<factory>, cvss_metric_v2=<factory>)¶

CVE metrics

cvss_metric_v31¶

A list of CVSSv3.1 metrics

Type:: List[pontos.nvd.models.cve.CVSSv3Metric]

cvss_metric_v30¶

A list of CVSSv3.0 metrics

Type:: List[pontos.nvd.models.cve.CVSSv3Metric]

cvss_metric_v2¶

A list of CVSSv2 metrics

Type:: List[pontos.nvd.models.cve.CVSSv2Metric]

class pontos.nvd.models.cve.Node(operator, cpe_match=None, negate=None)¶

A CVE configuration node

operator¶

Operator (and/or) for this node

Type:: pontos.nvd.models.cve.Operator

cpe_match¶

The CPE match for the node. Despite a cpe match is required int NISTs API spec the data seems to contain nodes without matches.

Type:: List[pontos.nvd.models.cve.CPEMatch] | None

negate¶

Type:: bool | None

class pontos.nvd.models.cve.Operator(value)¶

An operator: AND or OR

AND¶: A and operator

OR¶: A or operator

class pontos.nvd.models.cve.Reference(url, source=None, tags=<factory>)¶

A CVE reference

url¶

URL to the reference

Type:: str

source¶

Source of the reference

Type:: str | None

tags¶

List of tags for the reference

Type:: List[str]

class pontos.nvd.models.cve.VendorComment(organization, comment, last_modified)¶

A vendor comment

organization¶

Name of the vendor

Type:: str

comment¶

The actual comment of the vendor

Type:: str

last_modified¶

Last modification date of the comment

Type:: datetime.datetime

class pontos.nvd.models.cve.Weakness(source, type, description=<factory>)¶

source¶

Type:: str

type¶

Type:: str

description¶

Type:: List[pontos.nvd.models.cve.Description]

class pontos.nvd.models.cve.CVE(id, source_identifier, published, last_modified, vuln_status, descriptions, references, weaknesses=<factory>, configurations=<factory>, vendor_comments=<factory>, metrics=None, evaluator_comment=None, evaluator_solution=None, evaluator_impact=None, cisa_exploit_add=None, cisa_action_due=None, cisa_required_action=None, cisa_vulnerability_name=None)¶

A model representing a CVE

id¶

ID of the CVE

Type:: str

source_identifier¶

Identifier for the source of the CVE

Type:: str

published¶

Date of publishing

Type:: datetime.datetime

last_modified¶

Last modification date

Type:: datetime.datetime

vuln_status¶

Current vulnerability status

Type:: str

descriptions¶

List of additional descriptions

Type:: List[pontos.nvd.models.cve.Description]

references¶

List of additional references (URLs)

Type:: List[pontos.nvd.models.cve.Reference]

weaknesses¶

List of weaknesses

Type:: List[pontos.nvd.models.cve.Weakness]

configurations¶

List of configurations

Type:: List[pontos.nvd.models.cve.Configuration]

vendor_comments¶

List of vendor comments

Type:: List[pontos.nvd.models.cve.VendorComment]

metrics¶

List of CVSS metrics for this CVE

Type:: pontos.nvd.models.cve.Metrics | None

evaluator_comment¶

Type:: str | None

evaluator_solution¶

Type:: str | None

evaluator_impact¶

Type:: str | None

cisa_exploit_add¶

Type:: datetime.date | None

cisa_action_due¶

Type:: datetime.date | None

cisa_required_action¶

Type:: str | None

cisa_vulnerability_name¶

Type:: str | None

pontos.nvd.models.cvss_v2¶

class pontos.nvd.models.cvss_v2.Severity(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.AccessVector(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.AccessComplexity(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.Authentication(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.Impact(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.Exploitability(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.RemediationLevel(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.ReportConfidence(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.CollateralDamagePotential(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.TargetDistribution(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.Requirement(value)¶: An enumeration.

class pontos.nvd.models.cvss_v2.CVSSData(version: str, vector_string: str, base_score: float, access_vector: pontos.nvd.models.cvss_v2.AccessVector | None = None, access_complexity: pontos.nvd.models.cvss_v2.AccessComplexity | None = None, authentication: pontos.nvd.models.cvss_v2.Authentication | None = None, confidentiality_impact: pontos.nvd.models.cvss_v2.Impact | None = None, integrity_impact: pontos.nvd.models.cvss_v2.Impact | None = None, availability_impact: pontos.nvd.models.cvss_v2.Impact | None = None, exploitability: pontos.nvd.models.cvss_v2.Exploitability | None = None, remediation_level: pontos.nvd.models.cvss_v2.RemediationLevel | None = None, report_confidence: pontos.nvd.models.cvss_v2.ReportConfidence | None = None, temporal_score: float | None = None, collateral_damage_potential: pontos.nvd.models.cvss_v2.CollateralDamagePotential | None = None, target_distribution: pontos.nvd.models.cvss_v2.TargetDistribution | None = None, confidentiality_requirement: pontos.nvd.models.cvss_v2.Requirement | None = None, integrity_requirement: pontos.nvd.models.cvss_v2.Requirement | None = None, availability_requirement: pontos.nvd.models.cvss_v2.Requirement | None = None, environmental_score: float | None = None)¶

pontos.nvd.models.cvss_v3¶

class pontos.nvd.models.cvss_v3.Severity(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.AttackVector(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.ModifiedAttackVector(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.AttackComplexity(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.ModifiedAttackComplexity(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.PrivilegesRequired(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.ModifiedPrivilegesRequired(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.UserInteraction(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.ModifiedUserInteraction(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.Scope(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.ModifiedScope(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.Impact(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.ModifiedImpact(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.ExploitCodeMaturity(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.RemediationLevel(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.Confidence(value)¶: An enumeration.

class pontos.nvd.models.cvss_v3.Requirement(value)¶: An enumeration.