cvrfparse is a python library and CLI tool for extracting data out of a Common Vulnerability Reporting Framework (CVRF) document. You can get the code from GitHub at: https://github.com/mschiffm/cvrfparse

Alternatively you can install cvrfparse from source or using pip:

pip install cvrfparse

The following is an example of how to install cvrfparse in a MAC OS X machine:

omar$ sudo pip install cvrfparse

Password:

The directory '/Users/omar/Library/Logs/pip' or its parent directory is not owned by the current user and the debug log has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.

The directory '/Users/omar/Library/Caches/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.

You are using pip version 6.1.1, however version 7.1.2 is available.

You should consider upgrading via the 'pip install --upgrade pip' command.

The directory '/Users/omar/Library/Caches/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.

Collecting cvrfparse

  Downloading cvrfparse-1.0.tar.gz

Collecting lxml (from cvrfparse)

  Downloading lxml-3.5.0.tar.gz (3.8MB)

    100% |████████████████████████████████| 3.8MB 2MB/s

Installing collected packages: lxml, cvrfparse

  Running setup.py install for lxml

  Running setup.py install for cvrfparse

Successfully installed cvrfparse-1.0 lxml-3.5.0

The following is an example on how to retrieve specific information from the advisory CVRF file (cisco-sa-20160104-iosxr_cvrf.xml ):

omar$ cvrfparse -f cisco-sa-20160104-iosxr_cvrf.xml --cvrf DocumentTitle --vuln ID --vuln CVE --vuln CVSSScoreSets --prod all

[{http://www.icasi.org/CVRF/schema/cvrf/1.1}DocumentTitle] Cisco IOS XR Software OSPF Link State Advertisement PCE Vulnerability

[{http://www.icasi.org/CVRF/schema/vuln/1.1}ID] CSCuw83486

(SystemName: Cisco Bug ID)

[{http://www.icasi.org/CVRF/schema/vuln/1.1}CVE] CVE-2015-6432

[{http://www.icasi.org/CVRF/schema/vuln/1.1}CVSSScoreSets]

[{http://www.icasi.org/CVRF/schema/vuln/1.1}ScoreSet]

[{http://www.icasi.org/CVRF/schema/vuln/1.1}BaseScore] 5.0

[{http://www.icasi.org/CVRF/schema/vuln/1.1}TemporalScore] 4.1

[{http://www.icasi.org/CVRF/schema/vuln/1.1}Vector] AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 4.2.0

(ProductID: CVRFPID-116014)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 4.3.0

(ProductID: CVRFPID-191719)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 5.1.0

(ProductID: CVRFPID-195582)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 5.2.0

(ProductID: CVRFPID-206860)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 5.2.2

(ProductID: CVRFPID-206862)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 5.2.4

(ProductID: CVRFPID-212490)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 5.3.0

(ProductID: CVRFPID-206864)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 5.3.2

(ProductID: CVRFPID-212491)

[{http://www.icasi.org/CVRF/schema/prod/1.1}FullProductName] Cisco IOS XR Software 5.0.0

(ProductID: CVRFPID-212494)

The following is the cvrfparse syntax:

omar$ cvrfparse -h

usage: cvrfparse [-h] -f FILE

                 [--cvrf [{all,DocumentTitle,DocumentType,DocumentPublisher,DocumentTracking,DocumentNotes,DocumentDistribution,AggregateSeverity,DocumentReferences,Acknowledgments} ...]]

                 [--vuln [{all,Title,ID,Notes,DiscoveryDate,ReleaseDate,Involvements,CVE,CWE,ProductStatuses,Threats,CVSSScoreSets,Remediations,References,Acknowledgments} ...]]

                 [--prod [{all,Branch,FullProductName,Relationship,ProductGroups} ...]]

                 [-c] [-s] [-V] [-S SCHEMA] [-C CATALOG] [-v]

Validate/parse a CVRF 1.1 document and emit user-specified bits.

optional arguments:

  -h, --help            show this help message and exit

  -f FILE, --file FILE  candidate CVRF 1.1 XML file

  --cvrf [{all,DocumentTitle,DocumentType,DocumentPublisher,DocumentTracking,DocumentNotes,DocumentDistribution,AggregateSeverity,DocumentReferences,Acknowledgments} ...]

                        emit CVRF elements, use "all" to glob all CVRF

                        elements.

  --vuln [{all,Title,ID,Notes,DiscoveryDate,ReleaseDate,Involvements,CVE,CWE,ProductStatuses,Threats,CVSSScoreSets,Remediations,References,Acknowledgments} ...]

                        emit Vulnerability elements, use "all" to glob all

                        Vulnerability elements.

  --prod [{all,Branch,FullProductName,Relationship,ProductGroups} ...]

                        emit ProductTree elements, use "all" to glob all

                        ProductTree elements.

  -c, --collate         collate all of the Vulnerability elements by ordinal

                        into separate files

  -s, --strip-ns        strip namespace header from element tags before

                        printing

  -V, --validate        validate the CVRF document

  -S SCHEMA, --schema SCHEMA

                        specify local alternative for cvrf.xsd

  -C CATALOG, --catalog CATALOG

                        specify location for catalog.xml (default is

                        ./cvrfparse/schemata/catalog.xml)

  -v, --version         show program's version number and exit