Fetch CVEs per application from NVD (CVE API 2.0)
Project description
CVE Finder
Fetch CVEs per application from NVD (National Vulnerability Database) API 2.0.
Installation
pip3 install cve-finder-cli
Or install from source (editable):
pip install -e .
Or from the directory:
python -m pip install .
Usage
After installation, use the cve-finder command:
# Using CPE (exact match)
cve-finder --cpe "cpe:2.3:a:gitlab:gitlab:16.7:*:*:*:*:*:*:*" --json output.json
# Using keyword search
cve-finder --app "nginx" --version "1.24.0" --csv nginx.csv
# Filter by severity and date (case-insensitive)
cve-finder --app "openssl" --severity critical --since 2024-01-01 --max 50
# Multiple severities (repeat flag or comma-separated)
cve-finder --app "jira" --severity CRITICAL --severity MEDIUM
cve-finder --app "jira" --severity CRITICAL,MEDIUM
# Print to console (no file output)
cve-finder --app "tomcat" --version "9.0.0"
Direct script usage
You can also run the entry script directly:
# Best (exact): use a CPE name
python main.py --cpe "cpe:2.3:a:nginx:nginx:1.24.0:*:*:*:*:*:*:*" --csv nginx_1.24.0.csv
# Keyword search (fuzzier)
python main.py --app "nginx" --version "1.24.0" --json out.json
# Keyword search, no version
python main.py --app "openssl" --since 2024-01-01 --max 200 --csv openssl.csv
Options
--cpe- Exact CPE name for precise matching--app- Application name for keyword search--version- Optional version (with --app)--since- Filter CVEs published since date (YYYY-MM-DD)--until- End date for published window--severity- Filter by severity (case-insensitive). Repeat flag or use comma-separated list (LOW, MEDIUM, HIGH, CRITICAL)--max- Maximum CVEs to fetch (default: 1000)--page-size- Results per page (max 200)--timeout- HTTP timeout seconds--json- Save results to JSON file--csv- Save results to CSV file--format- Output format to stdout: json or csv
API Key
Set NVD_API_KEY environment variable to reduce rate limiting:
export NVD_API_KEY="your_key_here"
Get your API key at: https://nvd.nist.gov/developers/request-an-api-key
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cve_finder_cli-1.0.1.tar.gz.
File metadata
- Download URL: cve_finder_cli-1.0.1.tar.gz
- Upload date:
- Size: 12.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b3835a184bf5bcff38538bcad50efb2d3fcf1783e898683939e52855c5418986
|
|
| MD5 |
86c32ebc499033944d473e19ab7eb846
|
|
| BLAKE2b-256 |
97c3c970b87af7462c6a9f4ba78206c4128e1a3f7a4105e289db19e2c15c509c
|
File details
Details for the file cve_finder_cli-1.0.1-py3-none-any.whl.
File metadata
- Download URL: cve_finder_cli-1.0.1-py3-none-any.whl
- Upload date:
- Size: 16.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1b8e4607992c7810fb4c7c23cd83ffa00d3967f284a88d9d51597de60264fef7
|
|
| MD5 |
f4df8f0278bc5d9e2400f933a01b33ed
|
|
| BLAKE2b-256 |
ccc0f4cf9864d59928f09fefdd66d8eb50d3722a28775f4aef0b1345c492896a
|
