https://github.com/olbat/nvdcve

NVD/CVE as JSON files
https://github.com/olbat/nvdcve

cve vulnerability-identification

Last synced: 10 days ago
JSON representation

NVD/CVE as JSON files

• Host: GitHub
• URL: https://github.com/olbat/nvdcve
• Owner: olbat
• License: other
• Created: 2017-11-28T18:12:17.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2024-10-29T12:04:33.000Z (6 months ago)
• Last Synced: 2024-10-29T14:34:48.637Z (6 months ago)
• Topics: cve, vulnerability-identification
• Language: Shell
• Homepage: https://olbat.github.io/nvdcve/CVE-YYYY-NNNN.json
• Size: 1.68 GB
• Stars: 106
• Watchers: 6
• Forks: 29
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-security-vul-llm - olbat/nvdcve - square) - 该项目提供NVD和CVE®字典的JSON文件，并可通过Git探索其修改历史。JSON文件每日由NVD的JSON feed和Travis CI生成并更新。数据访问可通过https://olbat.github.io/nvdcve/CVE-YYYY-NNNN.json。 (LLM分析过程)

README

        
# NVD/CVE® as JSON files

__Important__: this repository is now partially redundant with the [CVEProject/cvelist](https://github.com/CVEProject/cvelist) project that allows to explore the CVE®/NVD modification history using git as well as submitting new vulnerabilities using GitHub pull requests. However, this repository is still synchronized with the dictionaries to allow to fetch each vulnerability in JSON format.

## About

This repository contains JSON files describing vulnerabilities from the [NVD](https://nvd.nist.gov/general/faq) and [CVE®](https://cve.mitre.org/about/faqs.html) dictionaries.

It has two main goals:

- allow to easilly get the description of a vulnerability in the JSON format ([schema](https://csrc.nist.gov/schema/nvd/feed/1.1-Beta/nvd_cve_feed_json_1.1_beta.schema))

- allow to explore CVE®/NVD modification history using git

The JSON files in this repository are generated and updated daily using the [NVD's JSON feeds](https://nvd.nist.gov/vuln/data-feeds) and [Travis CI](https://docs.travis-ci.com/user/cron-jobs/).

__Data access__: JSON files can also be fetched at [https://olbat.github.io/nvdcve/CVE-YYYY-NNNN.json](https://olbat.github.io/nvdcve/CVE-YYYY-NNNN.json).

## Licensing

### Common Vulnerabilities and Exposures (CVE®)

The [CVE®](https://cve.mitre.org/) is maintained by the Mitre Corporation.

The usage of this resource -as well as the JSON files in this repository- is restricted and explained in Mitre CVE®'s [Terms of use](https://cve.mitre.org/about/termsofuse.html):

```

CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive,

no-charge, royalty-free, irrevocable copyright license to reproduce, prepare

derivative works of, publicly display, publicly perform, sublicense, and

distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for

such purposes is authorized provided that you reproduce MITRE's copyright

designation and this license in any such copy.

```

### National Vulnerabilitiy Database (NVD)

The [National Vulnerability Database](https://nvd.nist.gov/) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol ([SCAP](https://en.wikipedia.org/wiki/Security_Content_Automation_Protocol)).

It is a superset of the CVE® dictionary augmented with additional analysis, a database, and a fine-grained search engine.

Usage restrictions of this resource are described in the NVD's [FAQ](https://nvd.nist.gov/general/faq#1f2488ea-0492-45a7-ae5b-ad29bc31dd05):

```

All NVD data is freely available from our XML Data Feeds. There are no fees,

licensing restrictions, or even a requirement to register. All NIST

publications are available in the public domain according to Title 17 of the

United States Code. Acknowledgment of the NVD  when using our information is

appreciated. In addition, please email [email protected] to let us know how the

information is being used.

```