Skip to main content

A Python library that parses dependency lockfiles, queries vulnerability databases (OSV.dev), and enriches results with EPSS scores.

Project description

cve-triage

cve-triage is a Python library that parses common dependency lockfiles, queries vulnerability databases (OSV.dev), and enriches the results with EPSS (Exploit Prediction Scoring System) scores. It returns structured, typed data optimized for programmatic consumption, CI/CD pipelines, and AI agent workflows.

Problem Statement

Identifying and prioritizing vulnerable dependencies is a fragmented process. Existing tools are often CLI-focused, produce unstructured output, or lack exploitability context (EPSS). AI agents and automated security pipelines need a reliable, programmatic way to parse lockfiles, fetch vulnerabilities, and prioritize them using exploitability scores without dealing with raw API responses or scraping.

Features

  • Lockfile Parsing: Supports requirements.txt, poetry.lock, package-lock.json, and go.sum.
  • Vulnerability Querying: Fetches known vulnerabilities via the OSV.dev API.
  • EPSS Enrichment: Attaches EPSS scores and percentiles from FIRST.org to prioritize vulnerabilities.
  • Structured Output: Returns fully typed Pydantic models, making it trivial to serialize to JSON for AI agents or APIs.
  • Asynchronous API: Provides async methods for high-performance batch querying.
  • Configurable Thresholds: Filter results by EPSS score or CVSS severity.

Installation

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cve_triage-0.1.0.tar.gz (6.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cve_triage-0.1.0-py3-none-any.whl (9.1 kB view details)

Uploaded Python 3

File details

Details for the file cve_triage-0.1.0.tar.gz.

File metadata

  • Download URL: cve_triage-0.1.0.tar.gz
  • Upload date:
  • Size: 6.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.13.14 Darwin/24.6.0

File hashes

Hashes for cve_triage-0.1.0.tar.gz
Algorithm Hash digest
SHA256 8f9ffe681f561c8e767a1984894cb2ed4dc79adc3c2e456108d05ada2674005c
MD5 d9d41adeec8f935b0b3c32df1dd405d9
BLAKE2b-256 af6fd8886795ad07d8158b0765c31ce76e1d0f30b1fb0945e05906bc6b28a0ad

See more details on using hashes here.

File details

Details for the file cve_triage-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: cve_triage-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 9.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.2.1 CPython/3.13.14 Darwin/24.6.0

File hashes

Hashes for cve_triage-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e93c7df182e8cd8b8ed51c94fe9ab9ab42dbf7bee61bfd3715495efcdf38b76d
MD5 347b1ab4898c3893be2e4080ce303ce5
BLAKE2b-256 0a4b05fb0946070d490ac3a657e56110ebfe9cb2d1e92881a2f69200d31fccdb

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page