pontos.nvd.cpe package

class pontos.nvd.cpe.CPEApi(*, token=None, timeout=Timeout(timeout=180.0), rate_limit=True)

API for querying the NIST NVD CPE information.

Should be used as an async context manager.

Example

from pontos.nvd.cpe import CPEApi

async with CPEApi() as api:
    cpe = await api.cpe(...)

Create a new instance of the CPE API.

Parameters:

  • token (str | None) – The API key to use. Using an API key allows to run more requests at the same time.

  • timeout (Timeout | None) – Timeout settings for the HTTP requests

  • rate_limit (bool) – Set to False to ignore rate limits. The public rate limit (without an API key) is 5 requests in a rolling 30 second window. The rate limit with an API key is 50 requests in a rolling 30 second window. See https://nvd.nist.gov/developers/start-here#divRateLimits Default: True.

async cpe(cpe_name_id)

Query for a CPE matching the CPE UUID.

Parameters:

cpe_name_id (str | UUID) – Returns a specific CPE record identified by a Universal Unique Identifier (UUID).

Return type:

CPE

Example

from pontos.nvd.cpe import CPEApi

async with CPEApi() as api:
    cpe = await api.cpe("87316812-5F2C-4286-94FE-CC98B9EAEF53")
    print(cpe)
Returns:

A single CPE matching the CPE UUID

Raises:

PontosError – If a CPE with the CPE UUID couldn’t be found.

Return type:

CPE

cpes(*, last_modified_start_date=None, last_modified_end_date=None, cpe_match_string=None, keywords=None, match_criteria_id=None, request_results=None, start_index=0, results_per_page=None)

Get all CPEs for the provided arguments

https://nvd.nist.gov/developers/products

Parameters:

  • last_modified_start_date (datetime | None) – Return all CPEs modified after this date.

  • last_modified_end_date (datetime | None) – Return all CPEs modified before this date. If last_modified_start_date is set but no last_modified_end_date is passed it is set to now.

  • cpe_match_string (str | None) – Returns all CPE names that exist in the Official CPE Dictionary.

  • keywords (List[str] | str | None) – Returns only the CPEs where a word or phrase is found in the metadata title or reference links.

  • match_criteria_id (str | None) – Returns all CPE records associated with a match string identified by its UUID.

  • request_results (int | None) – Number of CPEs to download. Set to None (default) to download all available CPEs.

  • start_index (int) – Index of the first CPE to be returned. Useful only for paginated requests that should not start at the first page.

  • results_per_page (int | None) – Number of results in a single requests. Mostly useful for paginated requests.

Returns:

A NVDResponse for CPEs

Return type:

NVDResults[CPE]

Examples

from pontos.nvd.cpe import CPEApi

async with CPEApi() as api:
    async for cpe in api.cpes(keywords=["Mac OS X"]):
        print(cpe.cpe_name, cpe.cpe_name_id)

    json = await api.cpes(request_results=10).json()

    async for cpes in api.cpes(
        cpe_match_string="cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
    ).chunks():
        for cpe in cpes:
            print(cpe)