# cvez

Utility for managing data items from from the [National Vulnerability
Database (NVD)][nvd]:

* [Common Vulnerabilities and Exposures (CVEs)][cve]
* [Common Vulnerability Scoring System (CVSS)][cvss]
* [Common Platform Enumeration (CPE)][cvss]

## TODO

* [ ] [Common Weakness Enumerations (CWEs)][cwe]
* [ ] [National Checklist Program (NCP)][ncp]
* [ ] [man][] export
* [ ] [cyclonedx][] support (for inventories)
* [ ] [purl][] support (related to [cyclonedx][])

[nvd]: https://nvd.nist.gov/
  "National Vulnerability Database"
[cve]: https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
  "Common Vulnerabilities and Exposures"
[cvss]: https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System
  "Common Vulnerabilities Scoring System"
[cpe]: https://en.wikipedia.org/wiki/Common_Platform_Enumeration
  "Common Platform Enumeration"
[cwe]: https://cwe.mitre.org/data/downloads.html
  "Common Weakness Enumeration"
[cisa-kevc]: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
  "CISA Known Exploited Vulnerabilities Catalog"
[man]: https://www.golinuxcloud.com/create-man-page-template-linux-with-examples/
  "man format export"
[ncp]: https://ncp.nist.gov/data-feeds
  "National Checklist Program data feeds"
[purl]: https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst
  "Package URL specification"
[cyclonedx]: https://cyclonedx.org/use-cases/#authenticity
  "CycloneDX SBOM."