# CVE Vulnerability Scanner
![PyPI](https://img.shields.io/pypi/v/cve-vulnerability-scanner.svg)
A Python tool that scans software dependencies for known vulnerabilities using NIST's National Vulnerability Database (NVD).
## Features
- 🔍 Scan software libraries for known vulnerabilities
- 📝 Generate detailed vulnerability reports in markdown format
- 🚀 Fast scanning with local caching support
- 🔑 Uses official NVD API with authentication for better rate limits
- 📊 Support CSV input format for batch processing
- 🔄 Cache results to reduce API calls
## Installation
```bash
# Using pip
pip install cve-vulnerability-scanner
# From source
git clone https://github.com/changyy/py-cve-vulnerability-scanner.git
cd py-cve-vulnerability-scanner
pip install -e .
```
## Usage
### Basic Usage
```bash
# Set your NVD API key
export NVD_API_KEY='your-api-key-here'
# Run the scanner
cve-vulnerability-scanner packages.csv -o report.md
```
### Input CSV Format
Create a CSV file (`packages.csv`) with your dependencies:
```csv
library_name,version
busybox,1.31.1
libiconv,1.13.1
```
### Command Line Options
```bash
cve-vulnerability-scanner --help

Options:
  -i, --input FILE    Input CSV file containing libraries [default: packages.csv]
  -o, --output FILE   Output report file [default: report.md]
  --no-cache          Disable caching
  --cache-dir DIR     Specify cache directory [default: ./cache]
  --verbose           Enable verbose output
  -h, --help          Show this help message
  -v, --version       Show program version
```
## Sample Output
The tool will generate a markdown report like this:
```markdown
# Vulnerability Scan Report
Generated at: 2024-03-08 10:00:00
## Summary
- Total libraries scanned: 2
- Libraries with vulnerabilities: 1
- Total vulnerabilities found: 30
## Details
### Busybox (1.31.1)
Found 30 vulnerabilities:
1. CVE-2022-28391 (CVSS: 5.5)
   - Description: Integer overflow in Busybox wget applet...
   - Published: 2022-05-20
   - References: [Link]
### libiconv (1.13.1)
No known vulnerabilities found.
```
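How records shaped like NVD CVE API 2.0 results can be turned into the summary and details shown above, as an added example that is not the project's own code. The CVE ids, scores, dates and the `NVD_RESULTS` lookup are constructed, and the highest-score-first ordering is a choice made here.

```python
import csv, io

# Constructed input in the README's CSV format.
PACKAGES_CSV = "library_name,version\nbusybox,1.31.1\nlibiconv,1.13.1\n"

def _cve(cve_id, published, metrics):
    # Constructed record shaped like one entry of "vulnerabilities" in an NVD CVE API 2.0 response.
    return {"cve": {"id": cve_id, "published": published, "metrics": metrics,
                    "descriptions": [{"lang": "es", "value": "(construido)"},
                                     {"lang": "en", "value": f"Constructed description for {cve_id}."}]}}

# Constructed lookup results keyed by (library, version); the CVE ids are placeholders.
NVD_RESULTS = {("busybox", "1.31.1"): [
    _cve("CVE-0000-0001", "2022-05-20T10:15:00.000", {"cvssMetricV2": [{"cvssData": {"baseScore": 4.3}}]}),
    _cve("CVE-0000-0002", "2023-01-09T08:00:00.000", {}),  # not yet scored
    _cve("CVE-0000-0003", "2021-11-15T21:15:00.000", {"cvssMetricV31": [{"cvssData": {"baseScore": 7.5}}]}),
]}

def base_score(cve):
    """First available CVSS base score, newest CVSS version first; None if unscored."""
    for key in ("cvssMetricV31", "cvssMetricV30", "cvssMetricV2"):
        for entry in cve.get("metrics", {}).get(key, []):
            return entry["cvssData"]["baseScore"]
    return None

def english_description(cve):
    return next((d["value"] for d in cve.get("descriptions", []) if d.get("lang") == "en"), "")

def build_report(packages_csv, results):  # returns (summary dict, markdown details)
    rows = list(csv.DictReader(io.StringIO(packages_csv)))
    lines, vulnerable, total = [], 0, 0
    for row in rows:
        name, version = row["library_name"].strip(), row["version"].strip()
        found = results.get((name, version), [])
        lines.append(f"### {name} ({version})")
        if not found:
            lines.append("No known vulnerabilities found.")
            continue
        vulnerable, total = vulnerable + 1, total + len(found)
        lines.append(f"Found {len(found)} vulnerabilities:")
        # Added choice: highest score first; unscored records go last instead of being dropped.
        rank = lambda v: -1.0 if base_score(v["cve"]) is None else base_score(v["cve"])
        for n, item in enumerate(sorted(found, key=rank, reverse=True), 1):
            cve, score = item["cve"], base_score(item["cve"])
            lines.append(f"{n}. {cve['id']} (CVSS: {'N/A' if score is None else score})")
            lines.append(f"   - Description: {english_description(cve)}")
            lines.append(f"   - Published: {cve['published'][:10]}")
    summary = {"scanned": len(rows), "vulnerable": vulnerable, "total": total}
    return summary, "\n".join(lines)
```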
## Authentication
Get your NVD API key from: https://nvd.nist.gov/developers/request-an-api-key
The API key can be provided in three ways (in order of precedence):
1. Environment variable: `NVD_API_KEY`
2. Config file: `~/.config/cve-scanner/config.ini`
3. Command line argument: `--api-key`
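One way to resolve the key in the precedence order listed above while refusing a config file that other local users can read, as an added example that is not the project's own code. The `[nvd]` section, the `api_key` option name and the permission check are assumptions; the README does not describe the file's layout.

```python
import configparser
import os
import stat

def resolve_api_key(environ, config_path, cli_value=None):
    """Return (key, source) following the README's order: env var, config file, --api-key."""
    key = environ.get("NVD_API_KEY", "").strip()
    if key:
        return key, "env"

    if os.path.isfile(config_path):
        # POSIX check: a key file readable by group or other leaks the key to local users.
        mode = stat.S_IMODE(os.stat(config_path).st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            raise PermissionError(
                f"{config_path} has mode {mode:o}; restrict it to the owner (chmod 600)")
        parser = configparser.ConfigParser()
        parser.read(config_path)
        # Hypothetical layout: [nvd] section with an api_key option.
        key = parser.get("nvd", "api_key", fallback="").strip()
        if key:
            return key, "config"

    # Lowest precedence per the README. A key passed on the command line is also
    # visible in the process list and shell history, so prefer the two sources above.
    if cli_value and cli_value.strip():
        return cli_value.strip(), "cli"
    return None, "none"

def redact(key):
    """Form that is safe to print in verbose output or logs."""
    return "<unset>" if not key else key[:4] + "..."
```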
## Development
### Setup Development Environment
```bash
# Create virtual environment
python -m venv venv
source venv/bin/activate # Linux/Mac
# or
.\venv\Scripts\activate # Windows
# Install dependencies
pip install -e ".[dev]"
```
### Running Tests
```bash
pytest tests/
```
## Contributing
1. Fork the repository
2. Create your feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add some amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## Acknowledgments
- NIST National Vulnerability Database (NVD) for providing the vulnerability data
- All contributors who help improve this tool
Raw data
{
"_id": null,
"home_page": "https://github.com/changyy/py-cve-vulnerability-scanner",
"name": "cve-vulnerability-scanner",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "cve security vulnerability scanner nvd nist",
"author": "changyy",
"author_email": "changyy.csie@gmail.com",
"platform": null,
"bugtrack_url": null,
"license": null,
"summary": "A Python tool that scans software dependencies for known vulnerabilities using NIST's National Vulnerability Database (NVD)",
"version": "1.0.0",
"project_urls": {
"Bug Tracker": "https://github.com/changyy/py-cve-vulnerability-scanner/issues",
"Documentation": "https://github.com/changyy/py-cve-vulnerability-scanner#readme",
"Homepage": "https://github.com/changyy/py-cve-vulnerability-scanner",
"Source Code": "https://github.com/changyy/py-cve-vulnerability-scanner"
},
"split_keywords": [
"cve",
"security",
"vulnerability",
"scanner",
"nvd",
"nist"
],
"upload_time": "2024-11-08 12:50:25",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "changyy",
"github_project": "py-cve-vulnerability-scanner",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "cve-vulnerability-scanner"
}