https://github.com/ghostbar/nvdcve2json
Pipe-able parser from XML to JSON of the nvdcve list.
https://github.com/ghostbar/nvdcve2json
cve go golang json nvdcve parse xml
Last synced: 7 months ago
JSON representation
Pipe-able parser from XML to JSON of the nvdcve list.
- Host: GitHub
- URL: https://github.com/ghostbar/nvdcve2json
- Owner: ghostbar
- License: mit
- Archived: true
- Created: 2016-03-28T03:41:26.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2023-09-02T23:10:37.000Z (almost 3 years ago)
- Last Synced: 2024-06-20T00:45:19.247Z (about 2 years ago)
- Topics: cve, go, golang, json, nvdcve, parse, xml
- Language: Go
- Homepage:
- Size: 14.6 KB
- Stars: 2
- Watchers: 4
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
nvdcve2json
===========
**DISCONTINUED**: Since October 16th, 2019, the NVD discontinued support for XML Data Feeds. You can [read more here](https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement). There are JSON data feeds available that are going to be discontinued by the end of 2023. They recommend to use their API instead.
Pipe-able parser from XML to JSON of the nvdcve list.
HOW DO I USE IT?
----------------
First, install it with:
go get github.com/ghostbar/nvdcve2json
Or just go to the [releases](https://github.com/ghostbar/nvdcve2json/releases)
page and download the binary for your system.
Then, just run it like:
$GOPATH/bin/nvdcve2json < nvdcve-2.0-2016.xml
curl https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Recent.xml.gz | \
gunzip - | $GOPATH/bin/nvdcve2json
$GOPATH/bin/nvdcve2json --input nvdcve-2.0-2016.xml
$GOPATH/bin/nvdcve2json --input nvdcve-2.0-2016.xml > nvdcve-2.0-2016.json
More help can be found on `$GOPATH/bin/nvdcve2json --help`.
WHAT ABOUT FILTERING STUFF OUT?
-------------------------------
You can use the flag `--filter` since `v1.0.0` to just get the CVEs you want,
like: `"cpe:/o:apple:mac_os_x"`, then `nvdcve2json` will use the logical tests
on the `vulnerable-configuration` field to determine if that `cpe` string
matches any of the CVEs and will print out just that.
Protip: you can send multiple `--filter`, like:
curl https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Recent.xml.gz | \
gunzip - | $GOPATH/bin/nvdcve2json --filter "cpe:/o:apple:mac_os_x"
--filter "cpe:/o:microsoft:windows" > cves-for-mac-n-windows.json
AUTHOR AND LICENSE
------------------
© Jose-Luis Rivas ``.
This software is licensed under the MIT terms, a copy of the license can be
found in the `LICENSE` file in this repository.