nvd_api
nvd_api copied to clipboard
plasticuproject
An unofficial, RESTful API for NIST's NVD
nvd_api
NOTE: This project is archived due to NIST discontinuing the json feeds and migrating users to their own API. I have included a set of outdated feeds for this archive. The pythonanywhere demo will no longer be maintained as well.
An unofficial, RESTful API for NIST's NVD.
Endpoints with DEMO examples:
Get results for a specific CVE-ID:
https://plasticuproject.pythonanywhere.com/nvd-api/v1/CVE-2010-4662
Get results for all CVEs: (Not recommended, you should refine your search.)
https://plasticuproject.pythonanywhere.com/nvd-api/v1/all
Get results for all CVEs in a given year:
https://plasticuproject.pythonanywhere.com/nvd-api/v1/year/2020
Get results for all recently added CVEs (last 8 days):
https://plasticuproject.pythonanywhere.com/nvd-api/v1/recent
Get results for all recently modified and added CVEs (last 8 days):
https://plasticuproject.pythonanywhere.com/nvd-api/v1/modified
Get results for all CVEs matching provided CPE VERSION and CPE-ID:
https://plasticuproject.pythonanywhere.com/nvd-api/v1/cpe/23/arris
Return the database schema:
https://plasticuproject.pythonanywhere.com/nvd-api/v1/schema
Keyword Search
For endpoints:
../all
../year/<YEAR>
../recent
../modified
../cpe/<CPE-Version>/<CPE-ID matcher>
you can add a keyword search parameter to return only CVEs with
that keyword found in the description, for example:
https://plasticuproject.pythonanywhere.com/nvd-api/v1/year/2019?keyword=sudo
Or search for multiple keywords and return CVEs containing all keywords:
https://plasticuproject.pythonanywhere.com/nvd-api/v1/year/2020?keyword=sudo&keyword=linux
Note:
All endpoint GET requests will return JSON response data.
Live API database will be updated once every 24 hours, with information from nvd.nist.gov.
Feel free to submit an Issue or Pull Request (with issue reference number)
if you have any problems.
Example Python Client
In the example_clients directory there is a simple python CLI client that lets you
search for CVEs and print their CVE-ID and Description to screen. This is just an example
of how you could write an application and interface this API.
user@ubuntu:~$ ./nvd_api/example_clients/cve_search.py --help
Search CVE records by ID, YEAR and/or KEYWORD. Prints ID and description only.
USAGE:
./cve_search.py <CVE-ID>
./cve_serach.py <year> (keyword)
./cve_search.py all (keyword)
./cve_search.py recent (keyword)
./cve_search.py modified (keyword)
plasticuproject