Skip to content

Unofficial but convenient Go wrapper around the NVD REST JSON API

License

Notifications You must be signed in to change notification settings

pandatix/nvdapi

Repository files navigation

NVD API

Unofficial but convenient Go wrapper around the NVD API

reference go report Coverage Status
License CI CodeQL
OpenSSF Scoreboard

It supports API v2 with full support of endpoints, and keep support of deprecated for v1 for the sake of History. Notice that this Go module does not enforce the recommended rate limiting between each request.

Warning

This product uses the NVD API but is not endorsed or certified by the NVD.

How to use

The following shows how to basically use the wrapper to get a CPE for a given wide CPE match string.

package main

import (
	"fmt"
	"log"
	"net/http"

	"github.com/pandatix/nvdapi/v2"
)

func main() {
	apiKey := "<your_nvd_api_key>"
	client, err := nvdapi.NewNVDClient(&http.Client{}, apiKey)
	if err != nil {
		log.Fatal(err)
	}

	resp, err := nvdapi.GetCPEs(client, nvdapi.GetCPEsParams{
		CPEMatchString: ptr("cpe:2.3:*:microsoft"),
		ResultsPerPage: ptr(1),
	})
	if err != nil {
		log.Fatal(err)
	}

	for _, prod := range resp.Products {
		fmt.Println(prod.CPE.CPEName)
	}
}

func ptr[T any](t T) *T {
	return &t
}