CVE-Scorer
About
cve-scorer
helps you to assess CVEs by retrieving their CVSS scores.
Have you ever received an Ubuntu Security Notice for one project which contains 45 CVEs and you now have to decide if these affect you? cve-scorer
is here to help you!
Example
Example taken from Ubuntu Security Notice [USN-4604-1] MySQL vulnerabilities.
> cve-scorer --link --sort CVE-2019-14775 CVE-2020-14672 CVE-2020-14760 CVE-2020-14765 CVE-2020-14769 CVE-2020-14771 CVE-2020-14773 CVE-2020-14775 CVE-2020-14776 CVE-2020-14777 CVE-2020-14785 CVE-2020-14786 CVE-2020-14789 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 CVE-2020-14804 CVE-2020-14809 CVE-2020-14812 CVE-2020-14814 CVE-2020-14821 CVE-2020-14827 CVE-2020-14828 CVE-2020-14829 CVE-2020-14830 CVE-2020-14836 CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 CVE-2020-14848 CVE-2020-14852 CVE-2020-14853 CVE-2020-14860 CVE-2020-14861 CVE-2020-14866 CVE-2020-14867 CVE-2020-14868 CVE-2020-14869 CVE-2020-14870 CVE-2020-14873 CVE-2020-14878 CVE-2020-14888 CVE-2020-14891 CVE-2020-14893`
CVE-2020-14878 8 high CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14878
CVE-2020-14828 7.2 high CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14828
CVE-2020-14846 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14846
CVE-2020-14830 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14830
CVE-2020-14836 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14836
CVE-2020-14827 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N https://nvd.nist.gov/vuln/detail/CVE-2020-14827
CVE-2020-14800 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14800
CVE-2020-14769 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14769
CVE-2020-14765 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14765
CVE-2020-14775 6.5 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14775
CVE-2020-14760 5.5 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14760
CVE-2020-14893 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14893
CVE-2020-14891 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14891
CVE-2020-14888 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14888
CVE-2020-14870 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14870
CVE-2020-14869 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14869
CVE-2020-14868 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14868
CVE-2020-14866 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14866
CVE-2020-14852 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14852
CVE-2020-14845 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14845
CVE-2020-14861 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14861
CVE-2020-14848 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14848
CVE-2020-14839 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14839
CVE-2020-14844 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14844
CVE-2020-14837 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14837
CVE-2020-14812 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14812
CVE-2020-14829 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14829
CVE-2020-14821 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14821
CVE-2020-14814 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14814
CVE-2020-14809 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14809
CVE-2020-14786 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14786
CVE-2020-14804 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14804
CVE-2020-14790 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14790
CVE-2020-14785 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14785
CVE-2020-14789 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14789
CVE-2020-14793 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14793
CVE-2020-14794 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14794
CVE-2020-14776 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14776
CVE-2020-14777 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14777
CVE-2020-14672 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14672
CVE-2020-14773 4.9 medium CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14773
CVE-2020-14873 4.4 medium CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14873
CVE-2020-14867 4.4 medium CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H https://nvd.nist.gov/vuln/detail/CVE-2020-14867
CVE-2020-14838 4.3 medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N https://nvd.nist.gov/vuln/detail/CVE-2020-14838
CVE-2020-14860 2.7 low CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N https://nvd.nist.gov/vuln/detail/CVE-2020-14860
CVE-2020-14791 2.2 low CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L https://nvd.nist.gov/vuln/detail/CVE-2020-14791
CVE-2020-14771 2.2 low CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L https://nvd.nist.gov/vuln/detail/CVE-2020-14771
CVE-2019-14775 failed because 404 Not Found
CVE-2020-14853 failed because 404 Not Found
Supported Sources
NVD -- NIST National Vulnerability Database
This is the default source. You can set it explicitly by passing --source nvd
as a command line argument.
RedHat -- RedHat Security Database
This source can be set by passing --source redhat
as a command line argument.
Installation
Please install Rust via rustup and then run
cargo install --git https://github.com/lukaspustina/cve-scorer
Postcardware
You're free to use cve-scorer
. If you find it useful, I would highly appreciate you sending me a postcard from your hometown mentioning how you use cve-scorer
. My work address is
Lukas Pustina
CenterDevice GmbH
Rheinwerkallee 3
53227 Bonn
Germany