Check the NVD for vulnerabilites based on a provided checklist file and output results to text or PDF
NOTE: This project is currently in BETA.. please stand by...
This project is designed to assist with searching the National Vulnerability Database (NVD) and getting vulnerability info for the products that matter to you
If there's errors or anything like that, feel free to put up and issue or contact me personally. This is a personal project of sorts but I know how useful it can be
Please be patient since this will be the first npm cli-type project I've worked on. I'll be testing as I can
You can install this cli program via npm:
npm install -g nvd-cli
$ nvd-cli --help
Usage: nvd-cli <primary flag> <primary flag arg> [optional flags]
-f, --full Conduct a full search against the default or provided
checklist for a given <year> arg
-r, --recent Search for vulnerabilaties in the NVD recent category using default
or provided checklist
-s, --search Specifically search for an NVD vulnerability matching the providded
<product> or <vendor> string and optional <year> arg
- OPTIONAL PARAMETERS -
-o, --output Change the nvd-cli output file name and/or location
-c, --checklist Change the nvd-cli checklist file name and/or location
-t, --type Change the output type for the NVD report (.pdf or .txt)
- MISC PARAMETERS -
-h, --help, help Display this help text or try -h <command>
-v, --version Get the version of nvd-cli you are currently running
For more help on a specific command/arg type help <command> without the '-' or '--'
TODO: Add configuration info
NOTE: The default checklist.json is just used for testing!!
When providing a checklist, the .json file should look something like this:
[
{
"manufacturerName": "nodejs",
"softwareName": "node.js"
},
{
"manufacturerName": "microsoft",
"softwareName": "windows_xp"
},
{
"manufacturerName": "redhat",
"softwareName": "enterprise_linux"
}
]
0.4.1
0.4.0
help <command> functionality. There's likely typos/errors. If you find any let me know-h (--help) informationnpm0.3.5
-t (--type) optional flag for changing the output type0.3.2
0.3.1
-s now requires at least 3 characters to search by-s flag wasn't actually searching the passed year0.3.0
-s functionality has been (mostly) implimented-v flag will now show the version of nvd-cli installed0.2.0
-f and -r args work as before if not better than before-c and -o commands for setting a custom checklist and output location have been added0.1.2
help <command> not yet working0.1.0
0.0.1
FAQs
Check the NVD for vulnerabilites based on a providedsearch term and output results to PDF
The npm package nvd-cli receives a total of 0 weekly downloads. As such, nvd-cli popularity was classified as not popular.
We found that nvd-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ransomware payment rates hit an all-time low in 2024 as law enforcement crackdowns, stronger defenses, and shifting policies make attacks riskier and less profitable.
Security News
require(esm) backported to Node.js 20, easing the transition to ESM-only packages and reducing complexity for developers as Node 18 nears end-of-life.
Security News
PyPI now supports iOS and Android wheels, making it easier for Python developers to distribute mobile packages.