CVE-Scorer

About

cve-scorer helps you to assess CVEs by retrieving their CVSS scores.

Have you ever received an Ubuntu Security Notice for one project which contains 45 CVEs and you now have to decide if these affect you? cve-scorer is here to help you!

Example

Example taken from Ubuntu Security Notice [USN-4604-1] MySQL vulnerabilities.

> cve-scorer --link --sort CVE-2019-14775 CVE-2020-14672 CVE-2020-14760 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 CVE-2020-14804 CVE-2020-14809 CVE-2020-14812 CVE-2020-14814 CVE-2020-14821 CVE-2020-14827 CVE-2020-14828 CVE-2020-14829 CVE-2020-14830 CVE-2020-14836 CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 CVE-2020-14848 CVE-2020-14852 CVE-2020-14853 CVE-2020-14860 CVE-2020-14861 CVE-2020-14866 CVE-2020-14867 CVE-2020-14868 CVE-2020-14869 CVE-2020-14870 CVE-2020-14873 CVE-2020-14878 CVE-2020-14888 CVE-2020-14891 CVE-2020-14893`
CVE-2020-14878  8    high    CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14878
CVE-2020-14828  7.2  high    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14828
CVE-2020-14846  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14846
CVE-2020-14830  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14830
CVE-2020-14836  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14836
CVE-2020-14827  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N  https://nvd.nist.gov/vuln/detail/CVE-2020-14827
CVE-2020-14800  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14800
CVE-2020-14769  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14769
CVE-2020-14765  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14765
CVE-2020-14775  6.5  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14775
CVE-2020-14760  5.5  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14760
CVE-2020-14893  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14893
CVE-2020-14891  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14891
CVE-2020-14888  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14888
CVE-2020-14870  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14870
CVE-2020-14869  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14869
CVE-2020-14868  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14868
CVE-2020-14866  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14866
CVE-2020-14852  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14852
CVE-2020-14845  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14845
CVE-2020-14861  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14861
CVE-2020-14848  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14848
CVE-2020-14839  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14839
CVE-2020-14844  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14844
CVE-2020-14837  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14837
CVE-2020-14812  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14812
CVE-2020-14829  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14829
CVE-2020-14821  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14821
CVE-2020-14814  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14814
CVE-2020-14809  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14809
CVE-2020-14786  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14786
CVE-2020-14804  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14804
CVE-2020-14790  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14790
CVE-2020-14785  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14785
CVE-2020-14789  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14789
CVE-2020-14793  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14793
CVE-2020-14794  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14794
CVE-2020-14776  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14776
CVE-2020-14777  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14777
CVE-2020-14672  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14672
CVE-2020-14773  4.9  medium  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14773
CVE-2020-14873  4.4  medium  CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14873
CVE-2020-14867  4.4  medium  CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H  https://nvd.nist.gov/vuln/detail/CVE-2020-14867
CVE-2020-14838  4.3  medium  CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N  https://nvd.nist.gov/vuln/detail/CVE-2020-14838
CVE-2020-14860  2.7  low     CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N  https://nvd.nist.gov/vuln/detail/CVE-2020-14860
CVE-2020-14791  2.2  low     CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L  https://nvd.nist.gov/vuln/detail/CVE-2020-14791
CVE-2020-14771  2.2  low     CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L  https://nvd.nist.gov/vuln/detail/CVE-2020-14771
CVE-2019-14775 failed because 404 Not Found
CVE-2020-14853 failed because 404 Not Found

Supported Sources

NVD -- NIST National Vulnerability Database

This is the default source. You can set it explicitly by passing --source nvd as a command line argument.

RedHat -- RedHat Security Database

This source can be set by passing --source redhat as a command line argument.

Installation

Please install Rust via rustup and then run

cargo install --git https://github.com/lukaspustina/cve-scorer

Postcardware

You're free to use cve-scorer. If you find it useful, I would highly appreciate you sending me a postcard from your hometown mentioning how you use cve-scorer. My work address is

Lukas Pustina
CenterDevice GmbH
Rheinwerkallee 3
53227 Bonn
Germany

pombredanne / cve-scorer Goto Github PK

cve-scorer's Introduction

CVE-Scorer

About

Example

Supported Sources

NVD -- NIST National Vulnerability Database

RedHat -- RedHat Security Database

Installation

Postcardware

cve-scorer's People

Contributors

Watchers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent