feat: add detailed flag

Author: XDRAGON2002

cve_bin_tool/cli.py

@@ -252,6 +252,9 @@ def main(argv=None):
         help="operate in offline mode",
         default=False,
     )
+    parser.add_argument(
+        "--detailed", action="store_true", help="display detailed report", default=False
+    )
 
     merge_report_group = parser.add_argument_group(
         "Merge Report", "Arguments related to Intermediate and Merged Reports"
@@ -602,6 +605,7 @@ def main(argv=None):
                 append=args["append"],
                 merge_report=merged_reports,
                 affected_versions=args["affected_versions"],
+                detailed=args["detailed"],
             )
 
             if not args["quiet"]:

cve_bin_tool/output_engine/__init__.py

@@ -27,9 +27,9 @@
 )
 
 
-def output_json(all_cve_data: Dict[ProductInfo, CVEData], outfile: IO):
+def output_json(all_cve_data: Dict[ProductInfo, CVEData], outfile: IO, detailed: bool):
     """Output a JSON of CVEs"""
-    formatted_output = format_output(all_cve_data)
+    formatted_output = format_output(all_cve_data, detailed)
     json.dump(formatted_output, outfile, indent="    ")
 
 
@@ -56,9 +56,9 @@ def save_intermediate(
         json.dump(inter_output, f, indent="    ")
 
 
-def output_csv(all_cve_data: Dict[ProductInfo, CVEData], outfile):
+def output_csv(all_cve_data: Dict[ProductInfo, CVEData], outfile, detailed: bool):
     """Output a CSV of CVEs"""
-    formatted_output = format_output(all_cve_data)
+    formatted_output = format_output(all_cve_data, detailed)
     writer = csv.DictWriter(
         outfile,
         fieldnames=[
@@ -75,6 +75,8 @@ def output_csv(all_cve_data: Dict[ProductInfo, CVEData], outfile):
             "comments",
         ],
     )
+    if detailed:
+        writer.fieldnames.append("description")
     writer.writeheader()
     writer.writerows(formatted_output)
 
@@ -305,6 +307,7 @@ def __init__(
         merge_report: Union[None, List[str]] = None,
         affected_versions: int = 0,
         all_cve_version_info=None,
+        detailed: bool = False,
     ):
         self.logger = logger or LOGGER.getChild(self.__class__.__name__)
         self.all_cve_version_info = all_cve_version_info
@@ -321,16 +324,17 @@ def __init__(
         self.merge_report = merge_report
         self.affected_versions = affected_versions
         self.all_cve_data = all_cve_data
+        self.detailed = detailed
 
     def output_cves(self, outfile, output_type="console"):
         """Output a list of CVEs
         format self.checkers[checker_name][version] = dict{id: severity}
         to other formats like CSV or JSON
         """
         if output_type == "json":
-            output_json(self.all_cve_data, outfile)
+            output_json(self.all_cve_data, outfile, self.detailed)
         elif output_type == "csv":
-            output_csv(self.all_cve_data, outfile)
+            output_csv(self.all_cve_data, outfile, self.detailed)
         elif output_type == "pdf":
             output_pdf(
                 self.all_cve_data,

cve_bin_tool/output_engine/util.py

@@ -51,7 +51,9 @@ def generate_filename(extension: str, prefix: str = "output") -> str:
     return filename
 
 
-def format_output(all_cve_data: Dict[ProductInfo, CVEData]) -> List[Dict[str, str]]:
+def format_output(
+    all_cve_data: Dict[ProductInfo, CVEData], detailed: bool
+) -> List[Dict[str, str]]:
     """
     summary: format output in the list of dictionary format.
 
@@ -76,21 +78,22 @@ def format_output(all_cve_data: Dict[ProductInfo, CVEData]) -> List[Dict[str, st
     formatted_output = []
     for product_info, cve_data in all_cve_data.items():
         for cve in cve_data["cves"]:
-            formatted_output.append(
-                {
-                    "vendor": product_info.vendor,
-                    "product": product_info.product,
-                    "version": product_info.version,
-                    "cve_number": cve.cve_number,
-                    "severity": cve.severity,
-                    "score": str(cve.score),
-                    "cvss_version": str(cve.cvss_version),
-                    "cvss_vector": cve.cvss_vector,
-                    "paths": ", ".join(cve_data["paths"]),
-                    "remarks": cve.remarks.name,
-                    "comments": cve.comments,
-                }
-            )
+            details = {
+                "vendor": product_info.vendor,
+                "product": product_info.product,
+                "version": product_info.version,
+                "cve_number": cve.cve_number,
+                "severity": cve.severity,
+                "score": str(cve.score),
+                "cvss_version": str(cve.cvss_version),
+                "cvss_vector": cve.cvss_vector,
+                "paths": ", ".join(cve_data["paths"]),
+                "remarks": cve.remarks.name,
+                "comments": cve.comments,
+            }
+            if detailed:
+                details["description"] = cve.description
+            formatted_output.append(details)
 
     return formatted_output