AppThreat's vulnerability database and package search library with a built-in file based storage. CVE and GitHub are the primary sources of vulnerabilities.
This repo is a vulnerability database and package search for sources such as NVD, GitHub and so on. It uses a built-in file based storage to allow offline access.
pip install appthreat-vulnerability-db
This package is ideal as a library for managing vulnerabilities. This is used by dep-scan, a free open-source dependency audit tool. However, there is a limited cli capability available with few features to test this tool directly.
Cache vulnerability data
It is possible to customise the cache behaviour by increasing the historic data period to cache by setting the following environment variables.
- NVD_START_YEAR - Default: 2016. Supports upto 2002
- GITHUB_PAGE_COUNT - Default: 5. Supports upto 20
To periodically sync the latest vulnerabilities and update the database cache.
It is possible to perform simple search using the cli.
vdb --search android:8.0 vdb --search google:android:8.0 vdb --search android:8.0,simplesamlphp:1.14.11
Syntax is package:version,package:version or vendor : package : version (Without space)
Release history Release notifications | RSS feed
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size appthreat_vulnerability_db-1.3.0-py3-none-any.whl (27.2 kB)||File type Wheel||Python version py3||Upload date||Hashes View|
|Filename, size appthreat-vulnerability-db-1.3.0.tar.gz (20.7 kB)||File type Source||Python version None||Upload date||Hashes View|
Hashes for appthreat_vulnerability_db-1.3.0-py3-none-any.whl
Hashes for appthreat-vulnerability-db-1.3.0.tar.gz