pontos.nvd.cve package

class pontos.nvd.cve.CVEApi(*, token=None, timeout=Timeout(timeout=180.0), rate_limit=True)

API for querying the NIST NVD CVE information.

Should be used as an async context manager.

Example

from pontos.nvd.cve import CVEApi

async with CVEApi() as api:
    cve = await api.cve("CVE-2022-45536")

Create a new instance of the CVE API.

Parameters:

  • token (str | None) – The API key to use. Using an API key allows to run more requests at the same time.

  • timeout (Timeout | None) – Timeout settings for the HTTP requests

  • rate_limit (bool) – Set to False to ignore rate limits. The public rate limit (without an API key) is 5 requests in a rolling 30 second window. The rate limit with an API key is 50 requests in a rolling 30 second window. See https://nvd.nist.gov/developers/start-here#divRateLimits Default: True.

cves(*, last_modified_start_date=None, last_modified_end_date=None, published_start_date=None, published_end_date=None, cpe_name=None, is_vulnerable=None, cvss_v2_vector=None, cvss_v2_severity=None, cvss_v3_vector=None, cvss_v3_severity=None, keywords=None, cwe_id=None, source_identifier=None, virtual_match_string=None, has_cert_alerts=None, has_cert_notes=None, has_kev=None, has_oval=None, request_results=None, start_index=0, results_per_page=None)

Get all CVEs for the provided arguments

https://nvd.nist.gov/developers/vulnerabilities#divGetCves

Parameters:

  • last_modified_start_date (datetime | None) – Return all CVEs modified after this date.

  • last_modified_end_date (datetime | None) – Return all CVEs modified before this date. If last_modified_start_date is set but no last_modified_end_date is passed it is set to now.

  • published_start_date (datetime | None) – Return all CVEs that were added to the NVD (i.e., published) after this date.

  • published_end_date (datetime | None) – Return all CVEs that were added to the NVD (i.e., published) before this date. If published_start_date is set but no published_end_date is passed it is set to now.

  • cpe_name (str | None) – Return all CVEs associated with a specific CPE. The exact value provided with cpe_name is compared against the CPE Match Criteria within a CVE applicability statement. If the value of cpe_name is considered to match, the CVE is included in the results.

  • is_vulnerable (bool | None) – Return only CVEs that match cpe_name that are vulnerable. Requires cpe_name to be set.

  • cvss_v2_vector (str | None) – Return all CVEs matching this CVSSv2 vector

  • cvss_v2_severity (Severity | None) – Return all CVEs matching the CVSSv2 severity

  • cvss_v3_vector (str | None) – Return all CVEs matching this CVSSv3 vector

  • cvss_v3_severity (Severity | None) – Return all CVEs matching the CVSSv3 severity

  • keywords (List[str] | str | None) – Returns only the CVEs where a word or phrase is found in the current description.

  • cwe_id (str | None) – Returns only the CVEs that include a weakness identified by Common Weakness Enumeration using the provided cwe_id.

  • source_identifier (str | None) – Returns CVEs where the exact value of source_identifier appears as a data source in the CVE record. For example: cve@mitre.org

  • virtual_match_string (str | None) – Filters CVEs more broadly than cpe_name. The exact value of virtual_match_string is compared against the CPE Match Criteria present on CVE applicability statements. If cpe_name and virtual_match_string are provided only cpe_name is considered.

  • has_cert_alerts (bool | None) – Returns the CVEs that contain a Technical Alert from US-CERT.

  • has_cert_notes (bool | None) – Returns the CVEs that contain a Vulnerability Note from CERT/CC.

  • has_kev (bool | None) – Returns the CVE that appear in CISA’s Known Exploited Vulnerabilities (KEV) Catalog.

  • has_oval (bool | None) – Returns the CVEs that contain information from MITRE’s Open Vulnerability and Assessment Language (OVAL) before this transitioned to the Center for Internet Security (CIS).

  • request_results (int | None) – Number of CVEs to download. Set to None (default) to download all available CVEs.

  • start_index (int) – Index of the first CVE to be returned. Useful only for paginated requests that should not start at the first page.

  • results_per_page (int | None) – Number of results in a single requests. Mostly useful for paginated requests.

Returns:

A NVDResponse for CVEs

Return type:

NVDResults[CVE]

Examples

from pontos.nvd.cve import CVEApi

async with CVEApi() as api:
    async for cve in api.cves(keywords=["Mac OS X", "kernel"]):
        print(cve.id)

    json = await api.cves(
        cpe_name="cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:*",
    ).json()

    async for cves in api.cves(
        virtual_match_string="cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:*",
    ).chunks():
        for cve in cves:
            print(cve)
async cve(cve_id)

Returns a single CVE matching the CVE ID. Vulnerabilities not yet published in the NVD are not available.

Parameters:

cve_id (str) – Common Vulnerabilities and Exposures identifier

Returns:

A CVE matching the CVE ID

Raises:

PontosError – If CVE ID is empty or if no CVE with the CVE ID is found.

Return type:

CVE

Example

from pontos.nvd.cve import CVEApi

async with CVEApi() as api:
    cve = await api.cve("CVE-2022-45536")
    print(cve)