android-cve-reader.py

#!/usr/bin/env python3
# -*- coding: utf8 -*-

# script to filter CVE items from Android Security Bulletin pages, eg:
# https://source.android.com/security/bulletin/2019-04-01

import argparse
import sys

import lxml.html


ap = argparse.ArgumentParser(description="Android CVE reader")
ap.add_argument(
    "file",
    nargs='*',
    type=argparse.FileType('r'),
    default=[sys.stdin],
    help="input xml file")
ap.add_argument("-t", dest="type", help="cve type")
args = ap.parse_args()

for fo in args.file:
    html = lxml.html.fromstring(fo.read())
    for table in html.xpath("//table[tr/th/text()='CVE']"):
        for row in table.xpath("./tr[starts-with(td/text(),'CVE')]"):
            cve_id = row[0].text_content()
            cve_type = row[2].text_content()
            if args.type is not None:
                if cve_type != args.type:
                    continue
            severity = row[3].text_content()
            component = row[4].text_content()
            print(f"{cve_id}\t{cve_type}\t{severity}\t{component}")