import Alamofire import Foundation public struct CVE: Codable { public let cve: String public let severity: String public let public_date: Date public let advisories: [String] public let bugzilla: String public let bugzilla_description: String? public let cvss_score: Double? public let cvss_scoring_vector: Double? public let cwe: String public let affected_packages: [String]? public let resource_url: String? public let cvss3_scoring_vector: String? public let cvss3_score: String? private enum CodingKeys: String, CodingKey { case cve = "CVE" case severity case public_date case advisories case bugzilla case bugzilla_description case cvss_score case cvss_scoring_vector case cwe = "CWE" case affected_packages case resource_url case cvss3_scoring_vector case cvss3_score } public init(from decoder: Decoder) throws { let container = try decoder.container(keyedBy: CodingKeys.self) cve = try container.decode(String.self, forKey: .cve) severity = try container.decode(String.self, forKey: .severity) advisories = try container.decode([String].self, forKey: .advisories) bugzilla = try container.decode(String.self, forKey: .bugzilla) bugzilla_description = try container.decodeIfPresent(String.self, forKey: .bugzilla_description) cvss_score = try container.decodeIfPresent(Double.self, forKey: .cvss_score) cvss_scoring_vector = try container.decodeIfPresent(Double.self, forKey: .cvss_scoring_vector) cwe = try container.decode(String.self, forKey: .cwe) affected_packages = try container.decodeIfPresent([String].self, forKey: .affected_packages) resource_url = try container.decodeIfPresent(String.self, forKey: .resource_url) cvss3_scoring_vector = try container.decodeIfPresent(String.self, forKey: .cvss3_scoring_vector) cvss3_score = try container.decodeIfPresent(String.self, forKey: .cvss3_score) let dateFormatter = DateFormatter() dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ssZ" if let dateString = try container.decodeIfPresent(String.self, forKey: .public_date), let date = dateFormatter.date(from: dateString) { public_date = date } else { let context = DecodingError.Context(codingPath: container.codingPath + [CodingKeys.public_date], debugDescription: "Invalid date format") throw DecodingError.dataCorrupted(context) } } } public struct CVEchecker { public init() {} public func getCVEs(package: String, after: String, completion: @escaping ([CVE]?, Error?) -> Void) { let baseURL = "https://access.redhat.com/labs/securitydataapi/cve.json" let parameters: Alamofire.Parameters = ["package": package, "after": after] AF.request(baseURL, parameters: parameters).validate().responseJSON { response in switch response.result { case .success(let value): do { let decoder = JSONDecoder() decoder.keyDecodingStrategy = .convertFromSnakeCase let cves = try decoder.decode([CVE].self, from: response.data!) completion(cves, nil) } catch let DecodingError.dataCorrupted(context) { print(context) } catch let DecodingError.keyNotFound(key, context) { print("Key '\(key)' not found:", context.debugDescription) print("codingPath:", context.codingPath) } catch let DecodingError.valueNotFound(value, context) { print("Value '\(value)' not found:", context.debugDescription) print("codingPath:", context.codingPath) } catch let DecodingError.typeMismatch(type, context) { print("Type '\(type)' mismatch:", context.debugDescription) print("codingPath:", context.codingPath) } catch { print("error: ", error) } case .failure(let error): completion(nil, error) } } } } // mi kellene meg gettelni? https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html-single/red_hat_security_data_api/index#parameters_2 // Mitigation: A way to fix or reduce the problem without updated software. // Details: Details about the flaw, possibly from Red Hat or Mitre. // Acknowledgements: People or organizations that are being recognized.