https://github.com/travispaul/nvd_cve

🔎 Search for CVEs against a local cached copy of NIST National Vulnerability Database (NVD)

# nvd_cve
🔎 Search for CVEs against a local cached copy of NIST National Vulnerability Database (NVD).

[![Build and Run Tests](https://github.com/travispaul/nvd_cve/actions/workflows/build_and_test.yml/badge.svg)](https://github.com/travispaul/nvd_cve/actions/workflows/build_and_test.yml)

`nvd_cve` is a command-line utility and Rust module for syncing and searching the NIST National Vulnerability Database.
It is intended for vulnerability management tasks and automation efforts that rely on CVE data.
A local cache can also be useful in the event that the NIST NVD website or API is unreachable.

## Usage

### Command line usage

The `nvd_cve` command line application offers `sync` and `search` commands.

```
Search for CVEs against a local cached copy of NIST National Vulnerability Database (NVD).

USAGE:
    nvd_cve [SUBCOMMAND]

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

SUBCOMMANDS:
    help      Prints this message or the help of the given subcommand(s)
    search    Search for a CVE by ID in the local cache
    sync      Sync CVE feeds to local database
```

#### 🔃 Sync

Before you can search for CVEs, run `sync` to pull the data feeds and build a local cache in SQLite.

```
Sync CVE feeds to local database

USAGE:
    nvd_cve sync [FLAGS] [OPTIONS]

FLAGS:
    -f, --force           Ignore existing Metafiles and force update all feeds
    -h, --help            Prints help information
    -n, --no-progress     Don't show progress bar when syncing feeds
    -s, --show-default    Show default config values and exit
    -V, --version         Prints version information
    -v, --verbose         Print verbose logs (Set level with RUST_LOG)

OPTIONS:
    -d, --db       Path to SQLite database where CVE feed data will be stored
    -l, --feeds    Comma separated list of CVE feeds to fetch and sync, defaults to: all known feeds
    -u, --url      URL to use for fetching feeds, defaults to: https://nvd.nist.gov/feeds/json/cve/1.1
```

**Example:**

The initial database will take a few minutes to build, but subsequent runs
will be considerably faster as only modified feeds will be fetched and updated.

```
$ ./nvd_cve sync
[Feed: 2012] Fetching feed (1.97 MB) [================------------------------] 42%
```

If the official NIST feeds are down or responding slowly, you can use a [mirror](https://www.harmless.systems/mirror/nvd/index.html):

```
$ ./target/debug/nvd_cve sync -u https://www.harmless.systems/mirror/nvd/feeds/json/cve/1.1/
[Feed: 2015] Fetching feed (2.10 MB) [=======================-----------------] 59%
```

#### 🔎 Search

Search by a specific CVE or by some text within the description.

```
Search for a CVE by ID in the local cache

USAGE:
    nvd_cve search [FLAGS] [OPTIONS] [CVE]

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information
    -v, --verbose    Print verbose logs (Set level with RUST_LOG)

OPTIONS:
    -d, --db      Path to SQLite database where CVE feed data will be stored
    -t, --text    Search the CVE descriptions instead.

ARGS:
    CVE ID to retrieve
```

**Examples:**

Search by CVE ID:
```
$ nvd_cve search CVE-2019-12780
{
  "data_type": "CVE",
  "data_format": "MITRE",
  "data_version": "4.0",
  "cve_data_meta": {
    "id": "CVE-2019-12780",
    "assigner": "[email protected]"
  },
  "problem_type": {
    "problem_type_data": [
      {
        "description": [
          {
            "lang": "en",
            "value": "CWE-78"
          }
        ]
      }
    ]
  },
  "references": {
    "reference_data": [
      {
        "url": "https://www.exploit-db.com/exploits/46436",
        "name": "https://www.exploit-db.com/exploits/46436",
        "ref_source": "MISC",
        "tags": [
          "Exploit",
          "Third Party Advisory",
          "VDB Entry"
        ]
      }
    ]
  },
  "description": {
    "description_data": [
      {
        "lang": "en",
        "value": "The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands without authentication."
      }
    ]
  }
}
```

Search within CVE descriptions:

```
$ nvd_cve search -t Crock-Pot
CVE-2019-12780
```

### Module Usage

See the [examples](examples/) directory for how to use the crate programmatically.