Skip to main content

AppThreat's vulnerability database and package search library with a built-in file based storage. CVE and GitHub are the primary sources of vulnerabilities.

Project description

Introduction

This repo is a vulnerability database and package search for sources such as NVD, GitHub and so on. It uses a built-in file based storage to allow offline access.

Installation

pip install appthreat-vulnerability-db

Usage

This package is ideal as a library for managing vulnerabilities. This is used by dep-scan, a free open-source dependency audit tool. However, there is a limited cli capability available with few features to test this tool directly.

Cache vulnerability data

vdb --cache

It is possible to customise the cache behaviour by increasing the historic data period to cache by setting the following environment variables.

  • NVD_START_YEAR - Default: 2016. Supports upto 2002
  • GITHUB_PAGE_COUNT - Default: 5. Supports upto 20

Periodic sync

To periodically sync the latest vulnerabilities and update the database cache.

vdb --sync

Basic search

It is possible to perform simple search using the cli.

vdb --search android:8.0

vdb --search google:android:8.0

vdb --search android:8.0,simplesamlphp:1.14.11

Syntax is package:version,package:version or vendor : package : version (Without space)

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

appthreat-vulnerability-db-1.3.1.tar.gz (20.7 kB view details)

Uploaded Source

Built Distribution

appthreat_vulnerability_db-1.3.1-py3-none-any.whl (27.2 kB view details)

Uploaded Python 3

File details

Details for the file appthreat-vulnerability-db-1.3.1.tar.gz.

File metadata

  • Download URL: appthreat-vulnerability-db-1.3.1.tar.gz
  • Upload date:
  • Size: 20.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/44.0.0 requests-toolbelt/0.9.1 tqdm/4.47.0 CPython/3.8.2

File hashes

Hashes for appthreat-vulnerability-db-1.3.1.tar.gz
Algorithm Hash digest
SHA256 c28c9a94e5bd9cc792c47393dabe6466eb2a92bd5e01fec4939e1621f9c7dc19
MD5 1eff02bcb7460c1e59f93dc3af3b00fb
BLAKE2b-256 17696a9d8a5947b5aa5f8b0a7b6d1c2f930dac2c88ea710a2487ac34a0261ac5

See more details on using hashes here.

File details

Details for the file appthreat_vulnerability_db-1.3.1-py3-none-any.whl.

File metadata

  • Download URL: appthreat_vulnerability_db-1.3.1-py3-none-any.whl
  • Upload date:
  • Size: 27.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/44.0.0 requests-toolbelt/0.9.1 tqdm/4.47.0 CPython/3.8.2

File hashes

Hashes for appthreat_vulnerability_db-1.3.1-py3-none-any.whl
Algorithm Hash digest
SHA256 e8cf2073731493f09891bb41a9aa1320272e4dfb525fb46c91d110a3a55328c4
MD5 f50e2ff7c1c53e405f9d7baad6846d2a
BLAKE2b-256 1710bfa25c0526657880583de9c7b94b5ada75e6b6ac5d4f16ec44198c766dbf

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page