{"id":32953334,"url":"https://github.com/clearlinux/cve-check-tool","last_synced_at":"2025-11-17T16:01:18.691Z","repository":{"id":29280765,"uuid":"32813502","full_name":"clearlinux/cve-check-tool","owner":"clearlinux","description":"Original Automated CVE Checking Tool","archived":true,"fork":false,"pushed_at":"2019-06-21T14:36:53.000Z","size":1986,"stargazers_count":201,"open_issues_count":30,"forks_count":78,"subscribers_count":24,"default_branch":"master","last_synced_at":"2024-05-02T18:07:43.188Z","etag":null,"topics":["cve","database","nvd","vulnerability","xml"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/clearlinux.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-03-24T17:19:42.000Z","updated_at":"2024-04-26T07:35:05.000Z","dependencies_parsed_at":"2022-07-09T15:02:07.295Z","dependency_job_id":null,"html_url":"https://github.com/clearlinux/cve-check-tool","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/clearlinux/cve-check-tool","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/clearlinux%2Fcve-check-tool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/clearlinux%2Fcve-check-tool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/clearlinux%2Fcve-check-tool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/clearlinux%2Fcve-check-tool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/clearlinux","download_url":"https://codeload.github.com/clearlinux/cve-check-tool/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/clearlinux%2Fcve-check-tool/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":284911789,"owners_count":27083425,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-17T02:00:06.431Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","database","nvd","vulnerability","xml"],"created_at":"2025-11-12T22:00:33.174Z","updated_at":"2025-11-17T16:01:18.686Z","avatar_url":"https://github.com/clearlinux.png","language":"C","funding_links":[],"categories":["Linux"],"sub_categories":["Tools"],"readme":"cve-check-tool\n==============\n\n[![Build Status](https://travis-ci.org/ikeydoherty/cve-check-tool.svg?branch=master)](https://travis-ci.org/ikeydoherty/cve-check-tool)\n[![Coverage Status](https://coveralls.io/repos/github/ikeydoherty/cve-check-tool/badge.png?branch=master)](https://coveralls.io/github/ikeydoherty/cve-check-tool?branch=master)\n\n\ncve-check-tool, as its name suggests, is a tool for checking known\n(public) CVEs. The tool will identify potentially vunlnerable software\npackages within Linux distributions through version matching. Where\npossible it will also seek to determine (through a distribution\nimplemention) if a vulnerability has been addressed by way of a patch.\n\nCVEs are only ever *potential* - due to the various policies of various\ndistributions, and indeed semantics in versioning within various projects,\nit is expected that the tool may generate false positives.\n\nThe tool is designed to integrate with a locally cached copy of the\nNational Vulnerability Database, which should be updated every 3-4\nhours. Correctly integrated within the workflow of a distribution,\nand indeed with the correct bug report tool, this yields a minimum\n4 hour turnaround on all disclosed CVEs (non-embargoed)\n\nData Usage\n----------\ncve-check-tool downloads the NVD in its entirety, from 2002 until the\ncurrent moment. The decompressed XML database is in excess of 550MB,\nso this should be taken into account before running the tool. From then\non, only the *changed* database segments are fetched. Therefore it is\nadvisable to use cve-check-tool on a machine that has  sufficient space\nand internet connection.\n\nOn a fairly modern machine, it should only take around 10 seconds to\nconsume the databases. Note however that when the tool runs, it will\nuse a lot of resources to ensure it is fast (it needs to go through over\n7 million lines of XML, for one.)\n\nCLI usage:\n----------\n\nMost common usage, automatically determine package type and scan for the\npackages in the given package list file:\n\n    cve-check-tool ../packages\n\nRecurse a directory structure, with the predetermined type of eopkg:\n\n    cve-check-tool -t eopkg .\n\nCheck a single RPM source package, ignoring patched issues:\n\n    cve-check-tool -n readline.spec\n\nFlags can be combined, check `-h` for details. An example to recurse all\ndirectories, finding .spec RPM files, and ignoring patched issues:\n\n    cve-check-tool -n -t rpm .\n\n\nLicense\n--------\n\ncve-check-tool is available under the terms of the GNU General Public License,\nVersion 2. Please check the LICENSE file for further details.\n\nCopyright (C) 2015 Intel Corporation\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fclearlinux%2Fcve-check-tool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fclearlinux%2Fcve-check-tool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fclearlinux%2Fcve-check-tool/lists"}