Recently, I was tasked with verifying several CVEs that were discovered in a vulnerability scan, to the tune of 4,000 CVEs. I realized I was going to have to look at the details of these CVEs and that was going to require a lot of manual searching, which is extremely time-consuming. Originally, this project was just to have something to work with the API, but I realized with my current task I could make it into something a little more.
Currently, there are two options for using the application. Please see Documentation/html/index.html in a browser for class definitions, function definitions, etc.
This is my recommended method if you are doing larger amounts of work with CVEs. Simply run cli.py and interact with prompts. The following menus are available:
- CVE
  - Get CVE by ID
    - Write to file Y/N
      - Input file name if Y
  - Get All CVEs
    - Confirm due to length of time
  - Get CVE by File
    - Confirm file is newline separated
    - Input file to load
  - Exit
    - Exits the CVE menu
- Formatting
  - Format Existing NVD Json
    - Input file to load
  - Parse Lacework Report
    - Input file to load
- Exit
  - Exits the CLI tool
usage: cve.py [-h] [-a] [-i] [-I ID] [-b] [-S START_DATE] [-E END_DATE] [-A] [-f] [-F FILE] [-if INPUT_FILE] [-o OUTPUT]

A script to interact with the NVD API.

optional arguments:
  -h, --help  show this help message and exit
  -a, --all  Use this only one time. It will write a file with the entire NVD database
  -i, --get-by-id  Requires -I/--ID . Gets information about CVE ID provided
  -I ID, --ID ID  Enter CVE ID in the format CVE-2021-3165.
  -b, --between-dates  Requires -S/--Start-Date and -E/--End-Date ,gets all CVEs between the start and end date
  -S START_DATE, --Start-Date START_DATE  (Enter in the format YYYY-MM-DD)
  -E END_DATE, --End-Date END_DATE  Enter in the format YYYY-MM-DD
  -A, --After-Date  Requires -S/--Start-Date . Gets all CVE from Start date to current date
  -f, --format  Requires -F/--File . Formats an existing json file from NVD API
  -F FILE, --File FILE  Enter file name to format
  -if INPUT_FILE, --input-file INPUT_FILE  input new line separated file of cve identifiers
  -o OUTPUT, --output OUTPUT
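A pre-check for the newline-separated ID file that `-if/--input-file` and "Get CVE by File" expect, added here as an example and not part of this project's code. It normalizes a scanner export, drops duplicates, and reports lines that are not a bare CVE ID so they can be fixed before a long batch run. The names `load_cve_ids` and `to_input_file` are hypothetical, and every sample line except `CVE-2021-3165` (taken from the usage text) is constructed.

```python
import re

# CVE ID syntax: "CVE-", a four-digit year, then a sequence number of
# four or more digits. ASCII digits only, so look-alike characters fail.
CVE_ID = re.compile(r"CVE-[0-9]{4}-[0-9]{4,}")


def load_cve_ids(text):
    """Split newline-separated text into (ids, rejects).

    ids     -- unique, upper-cased CVE IDs in first-seen order
    rejects -- (line_number, raw_line) pairs that are not a bare CVE ID
    """
    ids, seen, rejects = [], set(), []
    # Spreadsheet exports often start with a UTF-8 BOM and use CRLF endings.
    lines = text.lstrip("\ufeff").splitlines()
    for lineno, raw in enumerate(lines, start=1):
        candidate = raw.strip().upper()
        if not candidate:
            continue  # blank lines are harmless, skip them
        if not CVE_ID.fullmatch(candidate):
            rejects.append((lineno, raw))  # e.g. two IDs on one line
            continue
        if candidate not in seen:
            seen.add(candidate)
            ids.append(candidate)
    return ids, rejects


def to_input_file(ids):
    """Render IDs one per line, the layout the input-file option expects."""
    return "".join(f"{cve}\n" for cve in ids)


# Constructed sample: BOM, CRLF, lower case with trailing space, a blank
# line, a duplicate, a malformed ID and a comma-separated pair.
SAMPLE = (
    "\ufeffCVE-2021-3165\r\n"
    "cve-2099-12345 \n"
    "\n"
    "CVE-2021-3165\n"
    "CVE-21-1\n"
    "CVE-2099-0001, CVE-2099-0002\n"
)

if __name__ == "__main__":
    good, bad = load_cve_ids(SAMPLE)
    print(to_input_file(good), end="")
    for lineno, raw in bad:
        print(f"line {lineno}: not a CVE ID: {raw!r}")
```
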
For now, the easiest way to install is to follow the normal GitHub process:
- git clone https://github.com/rwils83/nvd_api_interactions.git
- pip install -r requirements.txt
A future minor release will include a proper setup file.
A few notes on future releases:
- Versioning schema: This project will follow a simple schema: <majorversion>.<minorversion>. I have no intent to do anything like 1.1.1. It is not that big of a project.
- I am one person, I work 2 jobs, and am in school first time. Releases will occur when they can, I don't want anyone to have expectations that won't be met.
- Issues and fixes: Minor version releases will reflect changes related to issues once a fix has been implemented.
- Major Releases: If completely new functionality is added, a major version release will occur. Anything else will be covered under minor version release.
Please see License for license information