Merge pull request #14 from meddlin:feature/epss-cve-summary

Feature/epss-cve-summary

Author: meddlin

.vscode/launch.json

@@ -28,7 +28,7 @@
             "args": [
                 "lookup",
                 "--id",
-                "CVE-2025-11683"
+                "CVE-2022-27225"
             ]
         },
         {

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "cve-explorer-cli"
-version = "0.2.51"
+version = "0.2.6"
 description = "View CVEs and related info with CLI interface"
 readme = "README.md"
 requires-python = ">=3.11"

src/cve_explorer_cli/main.py

@@ -59,9 +59,23 @@ def main():
                 weaknesses=res['vulnerabilities'][0]['cve']['weaknesses'],
                 severity=f"CVSS 3.1: {res_v31} ({res_v31_base}), CVSS 2.0: {res_v2} ({res_v2_base})"
             )
-
+            epss_resp = request_epss(args.id)
+            if epss_resp != '':
+                _epss = EPSS(
+                    cve_id=epss_resp['data'][0]['cve'],
+                    epss_value=epss_resp['data'][0]['epss'],
+                    percentile=epss_resp['data'][0]['percentile'],
+                    date=epss_resp['data'][0]['date']
+                )
+                custom_cve.epss_value = _epss.epss_value
+                custom_cve.epss_percentile = _epss.percentile
+                custom_cve.epss_date = _epss.date
+            
             print("\n")
             custom_cve.display_cve()
+
+            # TODO: Add a JSON pretty print for CVEs
+
     elif args.command == "epss":
         epss_resp = request_epss(args.id)
         _epss = EPSS(

src/cve_explorer_cli/models/cve.py

@@ -73,6 +73,10 @@ class CVE:
     weaknesses: Any
     severity: str
 
+    epss_value: str
+    epss_percentile: str
+    epss_date: str
+
     def __init__(
         self,
         id,
@@ -100,6 +104,12 @@ def display_cve(self):
 
         table.add_row("CVE", f"[bold]{self.id}[/]")
         table.add_row("Severity", f"{self.severity}")
+        if self.epss_value != '':
+            table.add_row("EPSS Value", f"{self.epss_value}")
+        if self.epss_percentile != '':
+            table.add_row("EPSS Percentile", f"{self.epss_percentile}")
+        if self.epss_date != '':
+            table.add_row("EPSS Date", f"{self.epss_date}")
         table.add_row("Status", f"[yellow]{self.vuln_status}[/]")
         table.add_row("Published", self.published)
         table.add_row("Source", self.source_identifier)

src/cve_explorer_cli/utilities/ext_request.py

@@ -15,10 +15,14 @@ def request_epss(cve_id: str) -> Any:
         Any: _description_
     """
     res = requests.get(
-        f'https://api.first.org/data/v1/epss?cve={cve_id.capitalize()}',
+        f'https://api.first.org/data/v1/epss?cve={cve_id.upper()}',
         timeout=10
     )
-    return res.json()
+    if res.status_code == 404:
+        print(f'HTTP 404 - request_epss({cve_id}) not found.')
+        return ''
+    elif res.status_code == 200:
+        return res.json()
 
 def request_cve(cve_id: str) -> Any:
     """Request CVE information from First (api.first.org)
@@ -30,8 +34,12 @@ def request_cve(cve_id: str) -> Any:
         _type_: _description_
     """
     res = requests.get(
-        f'https://services.nvd.nist.gov/rest/json/cves/2.0?cveId={cve_id.capitalize()}',
+        f'https://services.nvd.nist.gov/rest/json/cves/2.0?cveId={cve_id.upper()}',
         timeout=10
     )
-    response_json = res.json()
-    return response_json
+    if res.status_code == 404:
+        print(f'HTTP 404 - request_cve({cve_id}) not found.')
+        return ''
+    elif res.status_code == 200:
+        response_json = res.json()
+        return response_json