cve¶
CVE (Common Vulnerabilities and Exposures) and NVD utilities.
Module Contents¶
Classes¶
Represent a CVE entry. |
|
Provide access to the NVD API. |
Attributes¶
- cve.logger¶
- class cve.CVE(json_content: dict[str, Any])¶
Represent a CVE entry.
- property nvd_url: str¶
Return the nvd.nist.gov vulnerability URL for that CVE.
- cve_id() str¶
Return the CVE ID.
- class cve.NVD(cache_db_path: str | None = None, cache_backend: str | None = None, nvd_api_key: str | None = None)¶
Provide access to the NVD API.
- property session: requests.Session¶
Return or create HTTP session.
- search_by_cpe_name(cpe_name: str, is_vulnerable: bool = True, no_rejected: bool = True, results_per_page: int | None = None) collections.abc.Iterator[CVE]¶
Return a list of matching CVE entries.
- Parameters:
cpe_name – The CPE string as defined by NVD APIs doc. It may look like
"cpeName=cpe:2.3:a:gnu:gcc:12.3.0:*:*:*:*:*:*:*"`when looking for CVEs on GCC version 12.3.0.is_vulnerable – Returns only CVE associated with a specific CPE, where the CPE is also considered vulnerable. The exact value provided with cpe_name is compared against the CPE Match Criteria within a CVE applicability statement. If the value of cpeName is considered to match, and is also considered vulnerable the CVE is included in the results.
no_rejected – remove CVE records with the REJECT or Rejected status from API response
results_per_page – number of results to return for each request, note that it is recommended to keep the default setting
- __enter__() Any¶
Return an http requests Session supporting cache.
Use requests_cache CachedSession when cache is requested.
- __exit__(_type: type[BaseException] | None, _value: BaseException | None, _tb: types.TracebackType | None) None¶
Exit context manager.
- Parameters:
_type – exception type
_value – exception value
_tb – traceback
- close() None¶
Close connection and cleanup resources.