support/scripts/pkg-stats: add CPE searching links

For cases of a CPE having a unknown version or when there hasn't been a CPE verified, proposed a search criteria to help the user research an update. (libcurl has NIST dict entries but not this version) cpe:2.3🅰️haxx:libcurl:7.76.1:*:*:*:*:*:*:* CPE identifier unknown in CPE database (Search) (jitterentropy-library package doesn't have any NIST dict entries) no verified CPE identifier (Search) Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> [yann.morin.1998@free.fr: fix flake8 issues] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-04-22 14:45:56 -05:00 · 2021-04-22 14:45:56 -05:00 · c5aa3c5883
commit c5aa3c5883
parent fd7312940a
1 changed files with 7 additions and 1 deletions
--- a/support/scripts/pkg-stats
+++ b/support/scripts/pkg-stats
@ -921,7 +921,13 @@ def dump_html_pkg(f, pkg):
    if pkg.cpeid:
        f.write("  <code>%s</code>\n" % pkg.cpeid)
    if not pkg.is_status_ok("cpe"):
-        f.write("  %s%s\n" % ("<br/>" if pkg.cpeid else "", pkg.status['cpe'][1]))
+        if pkg.cpeid:
+            f.write("  <br/>%s <a href=\"https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=%s\">(Search)</a>\n" %  # noqa: E501
+                    (pkg.status['cpe'][1], ":".join(pkg.cpeid.split(":")[0:5])))
+        else:
+            f.write("  %s <a href=\"https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=%s\">(Search)</a>\n" %
+                    (pkg.status['cpe'][1], pkg.name))
+
    f.write("  </td>\n")

    f.write(" </tr>\n")