return results known vulnerabilities by calling NVD NIST API
This script fetches CVE (Common Vulnerabilities and Exposures) data for specified CPE (Common Platform Enumeration) names from the NVD (National Vulnerability Database) and formats the data for further analysis. The script can optionally suppress standard output messages.
- Fetch CVE data from NVD using CPE names.
- Extract and format relevant CVE details, including CVSS scores and CWE IDs.
- Option to suppress stdout messages for cleaner output.
- Python 3.x
requests
library
-
Clone the repository:
git clone https://github.com/yourusername/cve-fetcher.git cd cve-fetcher
-
Install the required dependencies:
pip install requests
-
Create a
config.ini
file in the root directory with the following structure: -
The following is an example.
[cpeName] cpe1 = cpe:2.3:a:openssl:openssl:1.1.1c:*:*:*:*:*:*:* cpe2 = cpe:2.3:a:apache:log4j:1.2:-:*:*:*:*:*:* # Add more CPE names as needed
Run the script with optional arguments:
- --silent: Suppress stdout messages.
python cve_fetcher.py [--silent]
This project is licensed under the MIT License.