Im new to json files and I have a text file with a bunch of package names (line by line). I want to check if this names show up in the debian security tracker json file (https://security-tracker.debian.org/tracker/data/json) and if they do print the ones that find a match
I tried this but does not output anything:
def json_find():
json_file = json.dumps(info)
with open("package_names.txt", "r") as f:
for line in f:
if line in json_file:
print (line)
json_find()
Where info
has the json file from the security tracker. But i cant find a way to iterate through the text file and search for the names in the json file
The list looks something like this:
nftables
python3-translationstring
gcc-8-base
libpocojson60
passwd
automake
Example of the json file :
{
"389-ds-base": {
"CVE-2012-0833": {
"description": "The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.",
"scope": "local",
"releases": {
"bookworm": {
"status": "resolved",
"repositories": {
"bookworm": "2.0.15-1"
},
"fixed_version": "0",
"urgency": "unimportant"
},
"bullseye": {
"status": "resolved",
"repositories": {
"bullseye": "1.4.4.11-2"
},
"fixed_version": "0",
"urgency": "unimportant"
},
"buster": {
"status": "resolved",
"repositories": {
"buster": "1.4.0.21-1"
},
"fixed_version": "0",
"urgency": "unimportant"
},
"sid": {
"status": "resolved",
"repositories": {
"sid": "2.0.15-1"
},
"fixed_version": "0",
"urgency": "unimportant"
}
}
},
"CVE-2012-2678": {
"description": "389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.",
"scope": "local",
"releases": {
"bookworm": {
"status": "resolved",
"repositories": {
"bookworm": "2.0.15-1"
},
"fixed_version": "0",
"urgency": "unimportant"
},
"bullseye": {
"status": "resolved",
"repositories": {
"bullseye": "1.4.4.11-2"
},
"fixed_version": "0",
"urgency": "unimportant"
},
"buster": {
"status": "resolved",
"repositories": {
"buster": "1.4.0.21-1"
},
"fixed_version": "0",
"urgency": "unimportant"
},
"sid": {
"status": "resolved",
"repositories": {
"sid": "2.0.15-1"
},
"fixed_version": "0",
"urgency": "unimportant"
}
}
},
For example if i had 389-ds-base
in my list i would like to print it out
CodePudding user response:
import json
JSON_FILE = 'security.json'
PKG_FILE = 'package_names.txt'
def json_find():
json_data = {}
with open(JSON_FILE, 'r') as f:
json_data = json.load(f)
with open(PKG_FILE, 'r') as f:
pkg_list = f.read().splitlines()
vulnerable = []
for package in pkg_list:
if package in json_data:
vulnerable.append(package)
return vulnerable
If you use the same json you provided in the question, and include 389-ds-base
in the package list file (package_names.txt
), you'll get the list ['389-ds-base']
as result.