https://github.com/o-x-l/cve-statistics

Script to generate CVE Statistics

# CVE Statistics Extractor

This is a basic script to extract statistics about CVEs.

CVEs are used to report and rate vulnerabilities.

----

## Usage

1. Download the CVE data in JSON format: [cve.org](https://www.cve.org/Downloads), [Archive](https://github.com/CVEProject/cvelistV5/archive/refs/heads/main.zip)
2. Extract the data to the same directory as the script (`cvelistV5-main` should be on the same level)
3. Run the script: `python3 cve_statistics.py`
4. Use the JSON export: `cve_statistics.json`

----

## Example

See: [example.json](https://github.com/O-X-L/cve-statistics/blob/main/example.json) (*after enabling SHRINK*)

```bash
python3 cve_statistics.py
> ...
> 2015 | Published: 147 | Scored: 147 | Severity: {'low': 65, 'med': 79, 'high': 2, 'crit': 0, 'dis': 1} | %-Scored: 100.0 | Avg score: 4.9
> 2016 | Published: 205 | Scored: 202 | Severity: {'low': 50, 'med': 82, 'high': 58, 'crit': 1, 'dis': 11} | %-Scored: 98.54 | Avg score: 6.26
> 2017 | Published: 1027 | Scored: 1022 | Severity: {'low': 189, 'med': 364, 'high': 399, 'crit': 18, 'dis': 52} | %-Scored: 99.51 | Avg score: 6.79
> 2018 | Published: 1597 | Scored: 1589 | Severity: {'low': 283, 'med': 761, 'high': 429, 'crit': 51, 'dis': 65} | %-Scored: 99.5 | Avg score: 6.54
> 2019 | Published: 2636 | Scored: 2552 | Severity: {'low': 456, 'med': 1219, 'high': 717, 'crit': 50, 'dis': 110} | %-Scored: 96.81 | Avg score: 6.56
> 2020 | Published: 5794 | Scored: 5307 | Severity: {'low': 1046, 'med': 2223, 'high': 1481, 'crit': 186, 'dis': 371} | %-Scored: 91.59 | Avg score: 6.65
> 2021 | Published: 9341 | Scored: 8202 | Severity: {'low': 1654, 'med': 3098, 'high': 2741, 'crit': 268, 'dis': 442} | %-Scored: 87.81 | Avg score: 6.66
> 2022 | Published: 11181 | Scored: 9454 | Severity: {'low': 1926, 'med': 3984, 'high': 2688, 'crit': 338, 'dis': 518} | %-Scored: 84.55 | Avg score: 6.55
> 2023 | Published: 17279 | Scored: 13886 | Severity: {'low': 2669, 'med': 6861, 'high': 3101, 'crit': 399, 'dis': 860} | %-Scored: 80.36 | Avg score: 6.48
> 2024 | Published: 9631 | Scored: 8422 | Severity: {'low': 1593, 'med': 4564, 'high': 1644, 'crit': 236, 'dis': 385} | %-Scored: 87.45 | Avg score: 6.4
```

Note: Some CVEs are filtered:

* CVEs that are not of the state `PUBLISHED`
* CVEs without a score

If you need a small export for some charts - set `SHRINK = True`! Size difference: `1.2MB => 4KB`

----

## Customize

If you want to customize the script, you should look into the [CVE data schema](https://cveproject.github.io/cve-schema/schema/docs/).

Common use-cases could be to search/filter for vulnerabilities of a single product (*MS Windows, MS Exchange, ...*)
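
The single-product use case above, as an added example (not code from the cve-statistics project): it applies the same `PUBLISHED` and score filtering per year, restricted to one vendor/product. Field names follow the CVE JSON 5 record schema; the function names, vendor, product, and sample records are hypothetical and constructed for illustration.

```python
from collections import defaultdict

# CVSS metric objects defined by the CVE record schema, newest first.
METRIC_KEYS = ("cvssV4_0", "cvssV3_1", "cvssV3_0", "cvssV2_0")

def _cna(record):
    return record.get("containers", {}).get("cna", {})

def base_score(record):
    """First CVSS baseScore in the CNA container, or None if unscored."""
    for metric in _cna(record).get("metrics", []):
        for key in METRIC_KEYS:
            if "baseScore" in metric.get(key, {}):
                return float(metric[key]["baseScore"])
    return None

def affects(record, vendor, product):
    """Case-insensitive vendor match and product substring match."""
    return any(e.get("vendor", "").lower() == vendor.lower()
               and product.lower() in e.get("product", "").lower()
               for e in _cna(record).get("affected", []))

def product_stats(records, vendor, product):
    """Per-year published/scored counts and average score for one product."""
    years = defaultdict(lambda: {"published": 0, "scores": []})
    for rec in records:
        meta = rec.get("cveMetadata", {})
        year = meta.get("datePublished", "")[:4]
        if meta.get("state") != "PUBLISHED" or not year or not affects(rec, vendor, product):
            continue
        years[year]["published"] += 1
        if (score := base_score(rec)) is not None:
            years[year]["scores"].append(score)
    return {y: {"published": d["published"], "scored": len(d["scores"]),
                "avg_score": round(sum(d["scores"]) / len(d["scores"]), 2) if d["scores"] else None}
            for y, d in sorted(years.items())}

def _rec(cve_id, state, date, vendor, product, score=None):
    cna = {"affected": [{"vendor": vendor, "product": product}]}
    if score is not None:
        cna["metrics"] = [{"cvssV3_1": {"baseScore": score}}]
    return {"cveMetadata": {"cveId": cve_id, "state": state, "datePublished": date}, "containers": {"cna": cna}}

SAMPLE = [  # constructed records: placeholder IDs, hypothetical vendor/product
    _rec("CVE-0000-0001", "PUBLISHED", "2023-01-10T00:00:00Z", "ExampleCorp", "Example Mail Server", 9.8),
    _rec("CVE-0000-0002", "PUBLISHED", "2023-06-02T00:00:00Z", "ExampleCorp", "Example Mail Server", 5.2),
    _rec("CVE-0000-0003", "PUBLISHED", "2023-07-15T00:00:00Z", "ExampleCorp", "Example Mail Server"),
    _rec("CVE-0000-0004", "REJECTED", "2023-08-01T00:00:00Z", "ExampleCorp", "Example Mail Server", 7.5),
    _rec("CVE-0000-0005", "PUBLISHED", "2024-02-20T00:00:00Z", "OtherVendor", "Other Product", 6.1),
]
```

To run it on real data, load each record file under the extracted `cvelistV5-main` directory with `json.load` and pass the resulting list to `product_stats`.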