{"id":46756850,"url":"https://github.com/inexio/cve-alert-manager","last_synced_at":"2026-03-09T21:34:53.097Z","repository":{"id":48195292,"uuid":"249449337","full_name":"inexio/cve-alert-manager","owner":"inexio","description":"Collect security alerts from different sources and provide a normalized API to query","archived":false,"fork":false,"pushed_at":"2023-02-25T05:13:30.000Z","size":252,"stargazers_count":7,"open_issues_count":3,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-06-20T06:27:38.937Z","etag":null,"topics":["cve","golang","security","security-vulnerability"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/inexio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-03-23T14:12:36.000Z","updated_at":"2022-12-14T18:54:24.000Z","dependencies_parsed_at":"2024-06-20T05:44:51.815Z","dependency_job_id":"76f60f6a-9f19-4ed1-a9b5-3fa5052dc321","html_url":"https://github.com/inexio/cve-alert-manager","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/inexio/cve-alert-manager","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inexio%2Fcve-alert-manager","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inexio%2Fcve-alert-manager/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inexio%2Fcve-alert-manager/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inexio%2Fcve-alert-manager/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/inexio","download_url":"https://codeload.github.com/inexio/cve-alert-manager/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inexio%2Fcve-alert-manager/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30312182,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-09T20:05:46.299Z","status":"ssl_error","status_checked_at":"2026-03-09T19:57:04.425Z","response_time":61,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","golang","security","security-vulnerability"],"created_at":"2026-03-09T21:34:52.916Z","updated_at":"2026-03-09T21:34:53.089Z","avatar_url":"https://github.com/inexio.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cve-alert-manager\n[![Go Report Card](https://goreportcard.com/badge/github.com/inexio/cve-alert-manager)](https://goreportcard.com/report/github.com/inexio/cve-alert-manager)\n[![GitHub license](https://img.shields.io/badge/license-BSD-blue.svg)](https://github.com/inexio/check_eve_ng/blob/master/LICENSE)\n[![GitHub code style](https://img.shields.io/badge/code%20style-uber--go-brightgreen)](https://github.com/uber-go/guide/blob/master/style.md)\n[![GoDoc doc](https://img.shields.io/badge/godoc-reference-blue)](https://godoc.org/github.com/inexio/cve-alert-manager)\n\n## Description\n\nSuit to pull CVE incidents from different sources (for example [CERT-Bund](https://www.cert-bund.de/wid)), to normalize them and store them in a database in order to provide an unified REST-API to manage CVE alerts.\nAll components are written in golang.\n\n\n## Features\n\n\n### CVE Alert Fetcher (cve-alert-fetcher)\n\n- Fetches CVE alerts from various sources (currently only \"cert-bund\")\n- Normalizes all received alerts and puts them in the database\n- Parameters (such as access data) can be specified on command line, config file and environment variables\n- Features for source \"cert-bund\":\n  - Retrieves PGP-signed multipart-MIME-mail via POP3\n  - Check the PGP signature via public key \n\n\n### CVE Alert Rest API (cve-alert-restapi)\n\n- Option to search and list cve alerts\n- Option to filter certain categories\n- Option to add, change or delete comments\n- Option to list a specific comment\n- Option to import,add and export filter\n- Configurable search filters\n\n\n## Requirements\n\nYou need to register to the \"Warning and Information Service of [CERT-Bund](https://www.cert-bund.de/wid) and subscribe to the desired messages. Also you need to provide a datatbase to store and manage the cases.\n\n\n## Installation\n\n```\ngo get github.com/inexio/cve-alert-manager\n```\n\nor\n\n```\ngit clone https://github.com/inexio/cve-alert-manager.git\n```\n\n\n## Setup\n\nAfter installation you have to setup your config or set environment variables.\n\n\n### Configs\n\nDefault config file paths (3 paths):\n\n```\n$HOME/.cve-alert-manager\n../config\n/var/opt/cve-alert-manager\n```\n\nYou need to specify all settings of \"certBundPop3\" and \"cveDatabase\" in the config.yaml either in a config file in one of those paths, in a file you specify with the config flag or in your environment variables.\n\nOne of those paths needs to contain the filter_config.yaml if you want to use the init-db function.\n\nIf you don't change the username and password for the restAPI, it will be available without verification. Default port for the restAPI is 1323.\n\n\n## Usage\n\n\n### How to run cve-alert-fetcher\n\nFirst change directory to cve-alert-fetcher:\n\n```\ncd go/src/cve-alert-manager/cve-alert-fetcher\n```\n\nThen run the main.go (and maybe set args and flags):\n\n```\ngo run main.go \n```\n\nInitialize the DB with filters and filter categories provided by us:\n\n```\ngo run main.go --init-db\n```\n\n\n### How to run cve-alert-restapi\n\nFirst start change directory to cve-alert-restapi:\n\n```\ncd go/src/cve-alert-manager/cve-alert-restapi\n```\n\nThen run the main.go (and maybe set args and flags):\n\n```\ngo run main-go --port 19000 #Run on port 19000\n```\n\nNow create a new tab on your shell and log in to your server where your framework is running:\n\n```\ncurl -X GET http://localhost:1323/cvecases\n#This request gets all CveCases that are saved in the database\n```\n\nFull documentation of our API is available at [SwaggerHub](https://app.swaggerhub.com/apis-docs/TheFireMike/cve-alert-manager/1.0.0).\n\n\n## Architexture and Components\n\nHere is a graphic that shows the components and the architexture of the cve-alert-manager\n![cve-alert-manager](https://user-images.githubusercontent.com/60655329/77415211-6bed0580-6dc2-11ea-83fe-1f17f5febd17.png)\n\n\n## cve-alert-fetcher email parsing for cert-bund\n\nHere is a graphic that shows how cve-alert-fetcher parse emails from cert-bund\n\n![cve-alert-manager](https://user-images.githubusercontent.com/60655329/77415280-8c1cc480-6dc2-11ea-995a-ed114840eed5.png)\n\n\n## Relationship between filter_categories and case_categories\n\nHere is a graphic that shows the relationship between these two Database tables\n![cve-alert-manager](https://user-images.githubusercontent.com/60655329/77415386-b66e8200-6dc2-11ea-89f9-5da061e560b3.png)\n\n\n## Getting Help\n\nIf there are any problems. or something does not work as intended, open an issue on GitHub.\n\n\n## Contribution\n\nContribution to the project are welcome.\n\nWe are looking forward to your bug reports, suggestions and fixes.\n\nIf you want to make any contributions make sure your go reports match up with our projects score **A+**.\n\nWhen you contribute make sure you code is confirm to the **uber-go** coding style.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finexio%2Fcve-alert-manager","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finexio%2Fcve-alert-manager","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finexio%2Fcve-alert-manager/lists"}