Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

CVEStack

Example message
An example message

Scans feeds for various elements within the stack, then posts to various sources. Currently syslog, RSS, and slack are supported.. Supports a pip-style format. For instance, this file:

linux
wordpress

Will post to output(s) for any new (or recently updated) CVEs matching linux or wordpress. You can use __ to determine left or right padding on a per-pattern basis. For instance, __py would match ' testpy', but not 'testpy '. Similarly, py__ would match 'testpy ', but not ' testpy'. You can also specify required combinations of keywords. For instance, linux & kernel will require that an entry contains both linux and kernel.

You can also set required keywords to be negative. For instance, this line will match entries for 'sql', but not if they also contain 'server': sql & -server

If you prefer blacklisting to whitelisting, you can enable that in the config by switching dependencies_are_ignored to true. This will ignore all feed entries matching an item in your dependencies file.

The example config pulls from nvd and seclists. It posts to a syslog at /dev/log by default.

About

Scan products in your stack for known vulnerabilities

Topics

Resources

License

Releases

No releases published

Packages

No packages published