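#!/usr/bin/env python
# coding: utf-8

# # CVE
# **Common Vulnerabilities and Exposures Identifier (CVE ID)** is a unique, alphanumeric identifier assigned by the CVE Program. Each identifier references a specific vulnerability. A CVE ID enables automation and multiple parties to discuss, share, and correlate information about a specific vulnerability, knowing they are referring to the same thing.
#
# > source: [www.cve.org](https://www.cve.org/ResourcesSupport/Glossary?activeTerm=glossaryCVEID)

# You can see this notebook directly via:
# - [GitHub](https://github.com/LimberDuck/limberduck.org/blob/master/docs/notebooks/cve/cve.ipynb)
# - [Jupyter nbviewer](https://nbviewer.org/github/LimberDuck/limberduck.org/blob/master/docs/notebooks/cve/cve.ipynb)

# ## Generation time

# In[1]:


from datetime import datetime, timezone, timedelta

# Offset from UTC, in hours, of the timestamp printed below and on the chart.
timezone_offset = 0.0
tzinfo = timezone(timedelta(hours=timezone_offset))
generation_time = datetime.now(tzinfo).strftime('%Y-%m-%d %H:%M:%S %z')
print(generation_time)


# ## Creative Commons

# This notebook and generated diagrams are released with [Creative Commons license (CC BY 4.0)](https://creativecommons.org/licenses/by/4.0/deed.en).
#
# CC BY 4.0

# In[2]:


import requests
import urllib3  # import kept; certificate warnings are no longer silenced

# Seconds requests waits for a connection or for the next bytes of a response.
REQUEST_TIMEOUT = 60


def download_file(url, file_name):
    """Download *url* over verified TLS and write the body to *file_name*.

    Certificate verification stays at the requests default (enabled), so a
    response from a host that cannot prove its identity is rejected instead
    of being saved and later parsed as CVE data. Behind a TLS-inspecting
    proxy, point the REQUESTS_CA_BUNDLE environment variable at the proxy's
    CA file rather than switching verification off.

    Raises:
        requests.RequestException: on connection, TLS or timeout failure,
            or when the server answers with an HTTP error status.
    """
    response = requests.get(url, timeout=REQUEST_TIMEOUT)
    # Fail here rather than saving an HTML error page under the target name.
    response.raise_for_status()
    with open(file_name, 'wb') as output:
        output.write(response.content)


urls = ['https://mirrors.creativecommons.org/presskit/icons/cc.xlarge.png',
        'https://mirrors.creativecommons.org/presskit/icons/by.xlarge.png']
for url in urls:
    file_name = url.split("/")[-1]
    print(file_name)
    download_file(url, file_name)


# ## CVE data downloading

# All CVE IDs are taken from [cve.mitre.org/data/downloads/index.html](https://cve.mitre.org/data/downloads/index.html)

# In[3]:


url = 'https://cve.mitre.org/data/downloads/allitems.xml.Z'
file_name = url.split("/")[-1]
print(file_name)


# In[4]:


import requests
import urllib3

download_file(url, file_name)


# In[5]:


import unlzw3
from pathlib import Path

uncompressed_data = unlzw3.unlzw(Path(file_name))


# In[6]:


# Drop the trailing ".Z" to get the name of the decompressed XML file.
xml_file_name = str(Path(file_name).with_suffix(''))
with open(xml_file_name, 'wb') as file:
    file.write(uncompressed_data)


# In[7]:


import glob  # import kept; the file is now selected by name, not by pattern

# Parse exactly the file written above. Taking the last '*.xml' match depends
# on directory listing order and could pick up an unrelated XML file that
# happens to sit in the working directory.
file_name = xml_file_name
print(file_name)


# ## CVE data parsing

# In[8]:


import pandas as pd
import xml.etree.ElementTree as et

# NOTE(security): the Python documentation states that xml.etree.ElementTree
# is not hardened against maliciously constructed XML. The input here comes
# from a TLS-verified download; if the source is ever less trusted, parse it
# with a hardened parser such as defusedxml instead.
tree = et.parse(file_name)
root = tree.getroot()

df_cols = ["number", "year"]
rows = []

for item in root:
    item_name = item.attrib.get("name")
    if item_name is None:
        # An element without a name attribute carries no CVE ID to count.
        continue
    # CVE IDs have the form CVE-YYYY-NNNN, so characters 4..7 are the year.
    item_year = item_name[4:8]
    rows.append({"number": item_name, "year": item_year})

df = pd.DataFrame(rows, columns=df_cols)

print(df)


# In[9]:


# Collapse the per-ID rows into one row per year holding the number of IDs.
df = df.groupby(['year'], as_index=False)[['number']].count()
df.reset_index(drop=True, inplace=True)
df.index += 1  # number the rows from 1 for display

df.style.bar(subset=['number'], color='#FF6200')


# ## CVE data saving

# CSV file is available in GitHub repository, see:
#
# - [file via GitHub](https://github.com/LimberDuck/limberduck.org/blob/master/docs/notebooks/cve/cve-number-of-entries.csv)
# - [file directly](https://raw.githubusercontent.com/LimberDuck/limberduck.org/master/docs/notebooks/cve/cve-number-of-entries.csv)

# In[10]:


csv_filename = 'cve-number-of-entries.csv'

df.to_csv(csv_filename, index=False)


# ## CVE data plotting

# PNG files are available in GitHub repository with two background versions, see:
#
# - [file via GitHub (white background)](https://github.com/LimberDuck/limberduck.org/blob/master/docs/notebooks/cve/cve-number-of-entries-bg-white.png)
# - [file via GitHub (transparent background)](https://github.com/LimberDuck/limberduck.org/blob/master/docs/notebooks/cve/cve-number-of-entries-bg-transparent.png)
# - [file directly (white background)](https://raw.githubusercontent.com/LimberDuck/limberduck.org/master/docs/notebooks/cve/cve-number-of-entries-bg-white.png)
# - [file directly (transparent background)](https://raw.githubusercontent.com/LimberDuck/limberduck.org/master/docs/notebooks/cve/cve-number-of-entries-bg-transparent.png)

# In[11]:


import pandas as pd
import matplotlib.pyplot as plt
# NOTE: this rebinds `datetime` from the class imported in cell 1 to the
# module; generation_time was already computed, and nothing below uses it.
import datetime

df = pd.read_csv(csv_filename)

df.plot(x='year',
        xlabel='Year',
        y='number',
        ylabel='Number of CVE',
        kind='bar',
        title='Number of CVE per year')
plt.tight_layout()
plt.legend(['CVE'])
plt.figtext(0.15, 0.02, f"Generated on {generation_time} thanks to limberduck.org based on source: cve.mitre.org", ha="left", fontsize=7)
fig = plt.gcf()
fig.set_size_inches(10, 6)
fig.patch.set_facecolor('white')
plt.grid(True)

# Place the two Creative Commons icons downloaded in cell 2 in the
# bottom-right corner of the figure, behind the main axes (zorder=-1).
img_cc = plt.imread('cc.xlarge.png')
newax_cc = fig.add_axes([0.88, 0.0, 0.05, 0.05], anchor='NE', zorder=-1)
newax_cc.imshow(img_cc)
newax_cc.axis('off')
img_by = plt.imread('by.xlarge.png')
newax_by = fig.add_axes([0.92, 0.0, 0.05, 0.05], anchor='NE', zorder=-1)
newax_by.imshow(img_by)
newax_by.axis('off')

plt.savefig('cve-number-of-entries-bg-white.png', dpi=300, facecolor='white')
plt.savefig('cve-number-of-entries-bg-transparent.png', dpi=300, transparent=True)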