Skip to content

DanBeard/LibScanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits

templates

templates

 
 

.ebignore

.ebignore

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

application.py

application.py

 
 

cli.py

cli.py

 
 

cve_lookup.py

cve_lookup.py

 
 

download_xml.sh

download_xml.sh

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

This is a simple flask app that parses RPM or SWID package lists and runs them through the NVD.

To get this working you will need to download a copy of the NVD here: https://nvd.nist.gov/download.cfm#CVE_FEED and put the xml files in the dbs folder.

You can run download_xml.sh to do this for you automatically.

The command line interface is similar but outputs a JUnit style XML document for automated continuous integration. To get the package list of your install:

yocto - Follow the instructions in the yocto manual and paste the contents of installed-packages.txt below. rpm - run 'rpm -qa' in the terminal and paste the ouput below other - 'pip install swid_generator && swid_generator swid' in the terminal and paste the output below

run package-cve-lookup -h for more information on using the command line interface

About

RPM/SWID vulnerability scanner

devicevulnerabilitychecker.com

Topics

rpm yocto cve nvd cve-scanning swid

Resources

Readme

License

GPL-3.0 license
Activity

Stars

22 stars

Watchers

9 watching

Forks

27 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages