NVD/CVE® as JSON files
Important: this repository is now partially redundant with the CVEProject/cvelist project that allows to explore the CVE®/NVD modification history using git as well as submitting new vulnerabilities using GitHub pull requests. However, this repository is still synchronized with the dictionaries to allow to fetch each vulnerability in JSON format.
It has two main goals:
- allow to easilly get the description of a vulnerability in the JSON format (schema)
- allow to explore CVE®/NVD modification history using git
Data access: JSON files can also be fetched at https://olbat.github.io/nvdcve/CVE-YYYY-NNNN.json.
Common Vulnerabilities and Exposures (CVE®)
The CVE® is maintained by the Mitre Corporation.
CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.
National Vulnerabilitiy Database (NVD)
It is a superset of the CVE® dictionary augmented with additional analysis, a database, and a fine-grained search engine.
Usage restrictions of this resource are described in the NVD's FAQ:
All NVD data is freely available from our XML Data Feeds. There are no fees, licensing restrictions, or even a requirement to register. All NIST publications are available in the public domain according to Title 17 of the United States Code. Acknowledgment of the NVD when using our information is appreciated. In addition, please email firstname.lastname@example.org to let us know how the information is being used.