VulnBrief 🛡️

A Python-based CVE (Common Vulnerabilities and Exposures) lookup tool that provides TLDR-style security briefs for vulnerabilities.

Features

• 🔍 CVE Lookup: Query CVE information from the National Vulnerability Database (NVD)
• 📋 Vulnerability Descriptions: Get clear explanations of what the vulnerability is
• ⚠️ Severity Ratings: See CVSS scores and severity levels
• 🎯 Affected Versions: Identify which versions are vulnerable
• ✅ Remediation Steps: Get guidance on how to fix or mitigate the vulnerability
• 🖥️ Interactive Mode: Query multiple CVEs in one session

Installation

Prerequisites

• Python 3.7+
• pip (Python package manager)

Setup

1. Clone or navigate to the VulnBrief directory:

cd /path/to/VulnBrief

2. Install dependencies:

pip install -r requirements.txt

Usage

Command Line Mode

Look up a single CVE:

# With CVE- prefix
python vulnbrief.py CVE-2021-44228

# Without CVE- prefix
python vulnbrief.py 2021-44228

Interactive Mode

Run without arguments to enter interactive mode:

python vulnbrief.py

Then enter CVE IDs at the prompt:

Enter CVE ID: CVE-2021-44228

Type quit or exit to leave interactive mode.

Help

python vulnbrief.py --help
python vulnbrief.py -h

Example Output

======================================================================
CVE BRIEF: CVE-2021-44228
======================================================================

📋 VULNERABILITY:
A Remote Code Execution (RCE) vulnerability exists in Apache Log4j...

⚠️  SEVERITY: CRITICAL (CVSS 10.0 v3.1)

🎯 AFFECTED VERSIONS:
  • Apache Log4j 2.0-beta9 through 2.15.0
  • Apache Log4j 2.0-rc1 through 2.0-rc2

✅ REMEDIATION:
Vendor References:
  - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
  - https://logging.apache.org/log4j/2.x/security-considerations.html

Remediation Steps:
  1. Update to the latest patched version
  2. Apply vendor security patches
  3. Review vendor advisories for specific fixes
  4. Monitor for security updates

======================================================================

Architecture

Modules

• cve_fetcher.py: Handles API requests to fetch CVE data from the NVD
• cve_formatter.py: Parses and formats CVE data into readable TLDR summaries
• vulnbrief.py: Entry point with CLI interface and interactive mode

Data Sources

Currently uses the National Vulnerability Database (NVD) API:

• Free, no API key required
• Comprehensive CVE coverage
• Updated regularly with new vulnerabilities

Limitations

• NVD API has rate limiting (requests are throttled)
• Some CVEs may have limited detail depending on NVD data availability
• Specific remediation steps are generic; vendor advisories may have more detail

Future Enhancements

• Support for CVE-Details API as fallback
• Caching of previously fetched CVEs
• JSON/CSV export options
• Search by product name
• Vulnerability trending and statistics
• Email alerts for critical CVEs
• Integration with exploit databases

License

This project is provided as-is for educational and security research purposes.

Disclaimer

This tool is for informational purposes. Always verify vulnerability information through official vendor sources before taking remediation actions.