# vulnlist
A tool for fetching, transforming, and storing vulnerability data from a variety of sources.

![vulnlist-demo](https://user-images.githubusercontent.com/590471/226942827-e19742ef-e66e-4e11-8f9b-fb74c40f1dee.gif)

Supported data sources:
- Alpine (https://secdb.alpinelinux.org)
- Amazon (https://alas.aws.amazon.com/AL2/alas.rss & https://alas.aws.amazon.com/AL2022/alas.rss)
- Debian (https://security-tracker.debian.org/tracker/data/json & https://salsa.debian.org/security-tracker-team/security-tracker/raw/master/data/DSA/list)
- GitHub Security Advisories (https://api.github.com/graphql)
- NVD (https://services.nvd.nist.gov/rest/json/cves/2.0)
- Oracle (https://linux.oracle.com/security/oval)
- RedHat (https://www.redhat.com/security/data/oval)
- SLES (https://ftp.suse.com/pub/projects/security/oval)
- Ubuntu (https://launchpad.net/ubuntu-cve-tracker)
- Wolfi (https://packages.wolfi.dev)
## Installation
With pip:
```bash
pip install vulnlist
```
With docker:
```bash
docker run \
  --rm -it \
  -v $(pwd)/data:/data \
  -v $(pwd)/.vulnlist.yaml:/.vulnlist.yaml \
    ghcr.io/khulnasoft-lab/vulnlist:latest \
      run nvd
```
Where:
- the `data` volume keeps the processed data on the host
- the `.vulnlist.yaml` mount uses the application config from the host (if present)
- you can swap `latest` for a specific version (same as the git tags)

See [the vulnlist package](https://github.com/khulnasoft-lab/vulnlist/pkgs/container/vulnlist) for a full listing of available tags.
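For the pip route above, a downloaded wheel or sdist can be checked against the digests PyPI publishes in its JSON release metadata (`urls[].filename`, `size`, `digests.sha256`, `yanked`) before it is installed. The following is an added example, not part of the vulnlist project; the function names and the sample record are assumptions constructed for illustration.

```python
import hashlib
import hmac


def verify_artifact(release: dict, filename: str, data: bytes) -> str:
    """Check a downloaded file against PyPI JSON release metadata.

    Returns the verified sha256 hex digest, or raises ValueError.
    """
    entries = [u for u in release.get("urls", []) if u.get("filename") == filename]
    if len(entries) != 1:
        raise ValueError(f"{filename}: expected one metadata entry, found {len(entries)}")
    entry = entries[0]
    if entry.get("yanked"):
        raise ValueError(f"{filename}: file is yanked ({entry.get('yanked_reason')})")
    if entry.get("size") != len(data):
        raise ValueError(f"{filename}: size {len(data)} != published {entry.get('size')}")
    expected = entry.get("digests", {}).get("sha256", "")
    actual = hashlib.sha256(data).hexdigest()
    # Only sha256 is compared; the md5 field in the record is not collision resistant.
    if not expected or not hmac.compare_digest(actual, expected.lower()):
        raise ValueError(f"{filename}: sha256 mismatch")
    return actual


def pin_line(release: dict, name: str, version: str) -> str:
    """Build a requirements.txt line usable with `pip install --require-hashes`."""
    hashes = sorted(u["digests"]["sha256"] for u in release["urls"] if not u.get("yanked"))
    return f"{name}=={version} " + " ".join(f"--hash=sha256:{h}" for h in hashes)


# Constructed sample: stand-in bytes and a metadata record built around them.
SAMPLE_WHEEL = b"constructed stand-in for a wheel file"
SAMPLE_RELEASE = {
    "urls": [{
        "filename": "example_pkg-1.0.0-py3-none-any.whl",
        "size": len(SAMPLE_WHEEL),
        "digests": {"sha256": hashlib.sha256(SAMPLE_WHEEL).hexdigest()},
        "yanked": False,
        "yanked_reason": None,
    }]
}

if __name__ == "__main__":
    wheel = "example_pkg-1.0.0-py3-none-any.whl"
    print("verified", verify_artifact(SAMPLE_RELEASE, wheel, SAMPLE_WHEEL))
    print(pin_line(SAMPLE_RELEASE, "example-pkg", "1.0.0"))
```

The line returned by `pin_line` goes into a requirements file installed with `pip install --require-hashes -r requirements.txt`, so pip itself rejects any file whose digest differs.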
## Getting Started
List the available vulnerability data providers:
```
$ vulnlist list
alpine
amazon
chainguard
debian
github
mariner
nvd
oracle
rhel
sles
ubuntu
wolfi
```
Download and process a provider:
```
$ vulnlist run wolfi
2023-01-04 13:42:58 root [INFO] running wolfi provider
2023-01-04 13:42:58 wolfi [INFO] downloading Wolfi secdb https://packages.wolfi.dev/os/security.json
2023-01-04 13:42:59 wolfi [INFO] wrote 56 entries
2023-01-04 13:42:59 wolfi [INFO] recording workspace state
```
You will see the processed vulnerability data in the local `./data` directory:
```
$ tree data
data
└── wolfi
    ├── checksums
    ├── metadata.json
    ├── input
    │   └── secdb
    │       └── os
    │           └── security.json
    └── results
        └── wolfi:rolling
            ├── CVE-2016-2781.json
            ├── CVE-2017-8806.json
            ├── CVE-2018-1000156.json
            └── ...
```
*Note: to get more verbose output, use `-v`, `-vv`, or `-vvv` (e.g. `vulnlist -vv run wolfi`)*

Delete existing input and result data for one or more providers:
```
$ vulnlist clear wolfi
2023-01-04 13:48:31 root [INFO] clearing wolfi provider state
```
Example config file for changing application behavior:
```yaml
# .vulnlist.yaml
root: ./processed-data

log:
  level: trace

providers:
  wolfi:
    request_timeout: 125
    runtime:
      existing_input: keep
      existing_results: delete-before-write
      on_error:
        action: fail
        input: keep
        results: keep
        retry_count: 3
        retry_delay: 10
```
Use `vulnlist config` to get a better idea of all of the possible configuration options.
## FAQ
### Can I implement a new provider?
Yes you can! See [the provider docs](https://github.com/khulnasoft-lab/vulnlist/blob/main/DEVELOPING.md#adding-a-new-provider) for more information.
### Why is it called "vulnlist"?
This tool "funnels" vulnerability data into a single spot for easy processing... say "vulnerability data funnel" 100x fast enough and eventually it'll slur to "vulnlist" :).
Raw data
{
"_id": null,
"home_page": "https://github.com/khulnasoft-lab/vulnlist",
"name": "vulnlist",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.9",
"maintainer_email": null,
"keywords": "vulnerability, data, aggregator, grype, vulnerability-data",
"author": "KhulnaSoft Security",
"author_email": "security@khulnasoft.com",
"download_url": "https://files.pythonhosted.org/packages/ed/eb/4c17fe77f46faeebe3b0b6fe1433072f568f71a1116e752a3ad39417de55/vulnlist-0.22.0.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "vulnlist ~= 'vulnerability data funnel'",
"version": "0.22.0",
"project_urls": {
"Homepage": "https://github.com/khulnasoft-lab/vulnlist",
"Repository": "https://github.com/khulnasoft-lab/vulnlist"
},
"split_keywords": [
"vulnerability",
" data",
" aggregator",
" grype",
" vulnerability-data"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "68211465f2a8a508df5ed72f310eacc275f791d1acb65a5305a86206db320f9c",
"md5": "691c65f0a4565adad138f03ef79f32e2",
"sha256": "6a97b7e1806f584763cd5ae325b83f4a5b162ca3a3512aae201879cc4f6062e3"
},
"downloads": -1,
"filename": "vulnlist-0.22.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "691c65f0a4565adad138f03ef79f32e2",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.9",
"size": 122986,
"upload_time": "2024-04-27T19:11:55",
"upload_time_iso_8601": "2024-04-27T19:11:55.344671Z",
"url": "https://files.pythonhosted.org/packages/68/21/1465f2a8a508df5ed72f310eacc275f791d1acb65a5305a86206db320f9c/vulnlist-0.22.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "edeb4c17fe77f46faeebe3b0b6fe1433072f568f71a1116e752a3ad39417de55",
"md5": "ec4e5cd4f8fd923ad1e1e9c73d0efc56",
"sha256": "0d67faf9a01e855413af929af84184ac71ec693a67c411e194c5691e0c6c7910"
},
"downloads": -1,
"filename": "vulnlist-0.22.0.tar.gz",
"has_sig": false,
"md5_digest": "ec4e5cd4f8fd923ad1e1e9c73d0efc56",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.9",
"size": 99826,
"upload_time": "2024-04-27T19:11:56",
"upload_time_iso_8601": "2024-04-27T19:11:56.815466Z",
"url": "https://files.pythonhosted.org/packages/ed/eb/4c17fe77f46faeebe3b0b6fe1433072f568f71a1116e752a3ad39417de55/vulnlist-0.22.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-27 19:11:56",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "khulnasoft-lab",
"github_project": "vulnlist",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"tox": true,
"lcname": "vulnlist"
}