A local CVE db repository
- Clone the cvelistV5 github repo
- loop through all CVEs
- CVE instance will be created based on CVE json file
- If the CVE json file contains metrics entry, create Metrics for the CVE
- Otherwise, if
--create-metrics
argument is given, fetch metrics from NVD and create Metrics for the CVE
- CVE instance will be created based on CVE json file
- store in local database (python pickle)
Use pip command to install:
pip install py-cvedb
- Use
cvedb --clone
to clone the cvelistV5 repo and init the local data- This action will first check if cvelistV5 repo is cloned.
- If not cloned yet, clone the repo first
- Then, loop through all CVE JSON file and create CVE instance
- The local database will be dumped to a compressed pickle file located in
$HOME/.config/cvedb/cvedb.pickle
- This action will first check if cvelistV5 repo is cloned.
- Use
cvedb --update
to check if there contains update from cvelistV5 repo- If contains detected
- Firstly, get all updated file
- Re-create CVE instance and do update or insert to local database
- If contains detected
- The cvelistV5 repo take several minutes to clone, actual time taken is affected by Internet connection
Use cvedb -s
or cvedb --search
to search from database
- using
-y
or--year
to get CVEs in a specific year- Adding
-p
or--pattern
to filter out CVE records. Give a string start will-
for negative match.- If given
injection -database
will get all records containsinjection
but notdatabase
.
- If given
- Adding
- using
-i
or--id
to get CVE with a specific CVE id
>>> from cvedb import cvedb
>>>
>>> cvedb = cvedb.init_db()
>>> type(cvedb) # <class 'cvedb.cvedb.CVEdb'>