https://github.com/kaansk/go-euvd
Comprehensive and zero dependency Go client for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.
https://github.com/kaansk/go-euvd
api-client cvss enisa epss european-union euvd go golang incident-response open-source oss security threat-intelligence vulnerability vulnerabilitymanagement
Last synced: 12 months ago
JSON representation
Comprehensive and zero dependency Go client for the ENISA EU Vulnerability Database (EUVD) API. Instantly access real-time vulnerability data, security advisories, CVSS scores, and more.
- Host: GitHub
- URL: https://github.com/kaansk/go-euvd
- Owner: kaansk
- License: mit
- Created: 2025-07-09T18:15:51.000Z (12 months ago)
- Default Branch: main
- Last Pushed: 2025-07-10T14:10:32.000Z (12 months ago)
- Last Synced: 2025-07-10T15:42:17.214Z (12 months ago)
- Topics: api-client, cvss, enisa, epss, european-union, euvd, go, golang, incident-response, open-source, oss, security, threat-intelligence, vulnerability, vulnerabilitymanagement
- Language: Go
- Homepage:
- Size: 14.6 KB
- Stars: 5
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# go-euvd
[](https://pkg.go.dev/github.com/kaansk/go-euvd)
[](https://goreportcard.com/report/github.com/kaansk/go-euvd)
[](https://opensource.org/licenses/MIT)
A comprehensive Go client library for the **ENISA EU Vulnerability Database (EUVD)** API, providing access to vulnerability data, security advisories, and threat intelligence.
> [!IMPORTANT]
> **Implementation Notes & API Behavior**
>
> - **Opinionated Data Handling:** This library takes a pragmatic approach to data returned by the remote API. For example, some fields are returned as single strings with embedded `\n` newlines. The library automatically parses these into Go string slices, providing a more idiomatic and convenient interface for consumers.
>
> - **Remote Search API Limitations:** While this library fully implements the official EUVD API specification, it has been observed that the remote search functionality has issues. Certain query parameter combinations (e.g., using `vendor` together with `toScore` or `fromScore`) may result in some parameters being ignored or omitted by the remote service. This is a limitation of the upstream API, not the client library.
>
> In case the mentioned shortcomings are implementation related, feel free to open an issue.
---
## Data Source
The [**ENISA EU Vulnerability Database**](https://euvd.enisa.europa.eu/) serves as the European Union's central repository. Api documentation is provided via [**Official API Documentation**](https://euvd.enisa.europa.eu/apidoc). API offers:
- **Real-time vulnerability data** from multiple sources
- **Security advisories** from vendors and security organizations
- **CVSS scores** and exploitability metrics (EPSS)
- **Product and vendor mappings** for affected systems
- **Exploitation status** and timeline information
## Key Features
- ✅ **Complete API Coverage** - All EUVD endpoints supported
- ⚡ **High Performance** - Optimized HTTP client with connection pooling
- 🔧 **Flexible Configuration** - Custom timeouts, loggers, and HTTP clients
- 🪶 **Zero External Dependencies** - Maximum portability, following standard library and best Go practices
## Getting Started
### Installation
```bash
go get github.com/kaansk/go-euvd
```
### Usage
#### Default Client
```go
client := euvd.NewClient()
```
#### Customized Client
```go
logger := slog.New(slog.NewJSONHandler(os.Stdout, &slog.HandlerOptions{Level: slog.LevelInfo}))
customHTTPClient := &http.Client{
Timeout: 60 * time.Second,
Transport: &http.Transport{
MaxIdleConns: 10,
IdleConnTimeout: 30 * time.Second,
},
}
client = euvd.NewClient(
euvd.WithBaseURL("https://euvdservices.enisa.europa.eu/api"),
euvd.WithTimeout(30*time.Second),
euvd.WithLogger(logger),
euvd.WithHTTPClient(customHTTPClient),
)
```
#### Examples
Check [**example implementation**](./examples/main.go) to check usage and all endpoints.
```go
package main
import (
"context"
"fmt"
"log"
"github.com/kaansk/go-euvd"
)
func main() {
// Default client
client := euvd.NewClient()
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel()
// Get latest critical vulnerabilities
vulnerabilities, err := client.GetLatestCriticalVulnerabilities(ctx)
if err != nil {
log.Fatal(err)
}
fmt.Printf("Found %d critical vulnerabilities\n", len(vulnerabilities))
for _, vuln := range vulnerabilities {
fmt.Printf("- %s (Score: %.1f)\n", vuln.ID, vuln.BaseScore)
}
}
```
## Devcontainer
A ready-to-use [devcontainer](.devcontainer/) is provided for rapid onboarding and consistent development environments. It includes:
- Latest stable Go (fetched from official releases)
- All recommended Go tools (gopls, golangci-lint, goimports, staticcheck, delve)
- Non-root user
- Minimal, reproducible setup based on Debian/Ubuntu
---