{"id":28386593,"url":"https://github.com/bandarlabs/cveingest","last_synced_at":"2025-07-03T15:36:59.480Z","repository":{"id":277561162,"uuid":"925186988","full_name":"BandarLabs/cveingest","owner":"BandarLabs","description":"Convert CVEs into LLMs friendly input with multi level crawling","archived":false,"fork":false,"pushed_at":"2025-02-14T15:18:04.000Z","size":327,"stargazers_count":6,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-30T19:18:30.712Z","etag":null,"topics":["audio","cve","llm","security"],"latest_commit_sha":null,"homepage":"https://open.spotify.com/show/6d4yfU1geTLIKtaY7lQJvm","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BandarLabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-31T11:57:18.000Z","updated_at":"2025-03-29T20:53:13.000Z","dependencies_parsed_at":"2025-02-14T16:36:19.530Z","dependency_job_id":null,"html_url":"https://github.com/BandarLabs/cveingest","commit_stats":null,"previous_names":["bandarlabs/cveingest"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/BandarLabs/cveingest","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BandarLabs%2Fcveingest","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BandarLabs%2Fcveingest/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BandarLabs%2Fcveingest/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BandarLabs%2Fcveingest/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BandarLabs","download_url":"https://codeload.github.com/BandarLabs/cveingest/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BandarLabs%2Fcveingest/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262094425,"owners_count":23257962,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audio","cve","llm","security"],"created_at":"2025-05-30T15:12:33.649Z","updated_at":"2025-07-03T15:36:59.466Z","avatar_url":"https://github.com/BandarLabs.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CVEingest - Prompt Friendly CVEs\n\nUsing this tool, you can gather and convert CVEs published by `GitHub advisories` and `cve.org` using one user interface. The tool takes care of fetching the references referenced by the CVEs. So, if some details like code changes are in some reference, it will be fetched.\n\n\u003cdetails\u003e\n\u003csummary\u003eSample JSON Output\u003c/summary\u003e\n\n```json\n[\n  {\n    \"ghsa_id\": \"GHSA-66fj-74pq-7rwx\",\n    \"cve_id\": \"CVE-2024-56829\",\n    \"url\": \"https://api.github.com/advisories/GHSA-66fj-74pq-7rwx\",\n    \"html_url\": \"\",\n    \"summary\": \"\",\n    \"description\": \"Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.\",\n    \"severity\": \"critical\",\n    \"published_at\": \"2025-01-02T06:30:47Z\",\n    \"updated_at\": \"2025-01-02T06:30:52Z\",\n    \"source_code\": \"\",\n    \"cvss_score\": 10,\n    \"vulnerabilities\": [],\n    \"references\": [\n      {\n        \"url\": \"https://nvd.nist.gov/vuln/detail/CVE-2024-56829\",\n        \"type\": \"NIST\",\n        \"status_code\": 200,\n        \"info\": \"Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.\"\n      }\n    ],\n    \"assigner_name\": \"\"\n  }\n]\n```\n\n\u003c/details\u003e\n\n### 🚀 Features\n* You can download the CVEs Json with all the references crawled.\n* You can download the SSML to feed into your speech generator service.\n\n\n\n### 📦 How to launch the tool\n\n```bash\nexport GITHUB_TOKEN=\n\n# optional for ssml\nexport GEMINI_API_KEY=\n\n#optional for podcast\nexport SPEECH_REGION=\nexport SPEECH_KEY=F76..\n\n```\n\n\n\n```bash\npip install -r requirements.txt\npython main.py\n```\n![image](https://github.com/user-attachments/assets/94750d92-2dc2-4b25-9a08-ba8a590ae728)\n\n\n### 💡 How to use\n\n* Enter the date range for the CVEs published (or choose one from examples).\n* Keep the range at most 3 days.\n* Set the SSML prompt from the example.\n* Click on Process Advisories\n\n\n\n### Processed Output Json + Podcast\n\n\n\n![image](https://github.com/user-attachments/assets/4844f000-ff99-4e56-8399-a7ba93f976d0)\n\n\n\n\n\n💡 You can use the download JSON in notebookLM directly and it will generate a nice podcast.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbandarlabs%2Fcveingest","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbandarlabs%2Fcveingest","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbandarlabs%2Fcveingest/lists"}