row_accumulator = []
for filename in glob.glob('nvd.jsonl'):
with open(filename, 'r', encoding='utf-8') as f:
nvd_data = json.load(f)
for entry in nvd_data:
cve = entry['cve']['id']
try:
assigner = entry['cve']['sourceIdentifier']
except KeyError:
assigner = 'Missing_Data'
try:
published_date = entry['cve']['published']
except KeyError:
published_date = 'Missing_Data'
try:
attack_vector = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['attackVector']
except KeyError:
attack_vector = 'Missing_Data'
try:
attack_complexity = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['attackComplexity']
except KeyError:
attack_complexity = 'Missing_Data'
try:
privileges_required = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['privilegesRequired']
except KeyError:
privileges_required = 'Missing_Data'
try:
user_interaction = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['userInteraction']
except KeyError:
user_interaction = 'Missing_Data'
try:
scope = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['scope']
except KeyError:
scope = 'Missing_Data'
try:
confidentiality_impact = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['confidentialityImpact']
except KeyError:
confidentiality_impact = 'Missing_Data'
try:
integrity_impact = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['integrityImpact']
except KeyError:
integrity_impact = 'Missing_Data'
try:
availability_impact = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['availabilityImpact']
except KeyError:
availability_impact = 'Missing_Data'
try:
base_score = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['baseScore']
except KeyError:
base_score = '0.0'
try:
base_severity = entry['cve']['metrics']['cvssMetricV31'][0]['cvssData']['baseSeverity']
except KeyError:
base_severity = 'Missing_Data'
try:
exploitability_score = entry['cve']['metrics']['cvssMetricV31'][0]['exploitabilityScore']
except KeyError:
exploitability_score = 'Missing_Data'
try:
impact_score = entry['cve']['metrics']['cvssMetricV31'][0]['impactScore']
except KeyError:
impact_score = 'Missing_Data'
try:
cwe = entry['cve']['weaknesses'][0]['description'][0]['value']
except KeyError:
cwe = 'Missing_Data'
try:
description = entry['cve']['descriptions'][0]['value']
except IndexError:
description = ''
new_row = {
'CVE': cve,
'Published': published_date,
'AttackVector': attack_vector,
'AttackComplexity': attack_complexity,
'PrivilegesRequired': privileges_required,
'UserInteraction': user_interaction,
'Scope': scope,
'ConfidentialityImpact': confidentiality_impact,
'IntegrityImpact': integrity_impact,
'AvailabilityImpact': availability_impact,
'BaseScore': base_score,
'BaseSeverity': base_severity,
'ExploitabilityScore': exploitability_score,
'ImpactScore': impact_score,
'CWE': cwe,
'Description': description,
'Assigner' : assigner
}
if not description.startswith('rejected reason'):
row_accumulator.append(new_row)
nvd = pd.DataFrame(row_accumulator)
nvd['Published'] = pd.to_datetime(nvd['Published'])
nvd = nvd.sort_values(by=['Published'])
nvd = nvd.reset_index(drop=True)
nvd['BaseScore'] = pd.to_numeric(nvd['BaseScore']);
nvd['BaseScore'] = nvd['BaseScore'].replace(0, np.NaN);
nvdcount = nvd['Published'].count()
nvd['Published'] = pd.to_datetime(nvd['Published']).apply(lambda x: x.date())
nvdcount = nvd['Published'].count()
startdate = date(2000, 1, 1)
enddate = date.today()
numberofdays = enddate - startdate
per_day = nvdcount/numberofdays.days