blob: a408d3e5f6d6835d25685d6f9dd45b63324b6655 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
# cvez
Utility for managing data items from from the [National Vulnerability
Database (NVD)][nvd]:
* [Common Vulnerabilities and Exposures (CVEs)][cve]
* [Common Vulnerability Scoring System (CVSS)][cvss]
* [Common Platform Enumeration (CPE)][cvss]
## TODO
* [ ] [Common Weakness Enumerations (CWEs)][cwe]
* [ ] [National Checklist Program (NCP)][ncp]
* [ ] [man][] export
* [ ] [cyclonedx][] support (for inventories)
* [ ] [purl][] support (related to [cyclonedx][])
* [ ] investigate [SCAP][]
* [ ] investigate [OSV][]
[nvd]: https://nvd.nist.gov/
"National Vulnerability Database"
[cve]: https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
"Common Vulnerabilities and Exposures"
[cvss]: https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System
"Common Vulnerabilities Scoring System"
[cpe]: https://en.wikipedia.org/wiki/Common_Platform_Enumeration
"Common Platform Enumeration"
[cwe]: https://cwe.mitre.org/data/downloads.html
"Common Weakness Enumeration"
[cisa-kevc]: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
"CISA Known Exploited Vulnerabilities Catalog"
[man]: https://www.golinuxcloud.com/create-man-page-template-linux-with-examples/
"man format export"
[ncp]: https://ncp.nist.gov/data-feeds
"National Checklist Program data feeds"
[purl]: https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst
"Package URL specification"
[cyclonedx]: https://cyclonedx.org/use-cases/#authenticity
"CycloneDX SBOM."
[scap]: https://csrc.nist.gov/projects/security-content-automation-protocol
"Security Content Automation Protocol."
[osv]: https://github.com/google/osv
"Open Source Vulnerability database."
|
