Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
Homepage
Download
Recent Releases
2.3.018 Dec 2024 15:25
minor feature:
Release 2.3.0 (2024-12-17)
What's New:
Pub/Sub Mechanism:
A streaming service implemented using a Publish/Subscribe (Pub/Sub) pattern powered by Valkey.
Available channels: vulnerability, comment, bundle, and sighting.
For more details, see the documentation.
( #92 ).
- FediVuln now supports streaming information from a Valkey Pub/Sub service or an authenticated HTTP event-stream (both provided by Vulnerability-Lookup internals) to the Fediverse. Templates are used to render statuses, with the appropriate template selected based on the channel where the event originates.
CISA Vulnrichment importer (as meta for CVE):
The CISA Vulnrichment project is the public repository of CISA's enrichment.
of public CVE records through CISA's ADP (Authorized Data Publisher) container.
In this phase of the project, CISA is assessing new and recent CVEs and adding.
key Stakeholder-Specific Vulnerability Categorization (SSVC).
decision points. Once scored, some higher-risk CVEs will also receive.
enrichment of CWE and/or CVSS data points, where possible.
The web interface will highlight this information related to the CVEs in the next release.
More information.
( #42 ).
CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification) importers.
( #97 ).
New NCSC-NL CSAF Importer:
( #94 ).
New Route:
`/api/vulnerability/cpesearch/ lt;string:cpe gt;` to retrieve vulnerabilities by CPE (Common Platform Enumeration).
( 41f8471 (41f8471)).
New Website:
A brand-new website featuring announcements and official documentation:
https://www.vulnerability-lookup.org.
Changes:
Improved lookup for the `cvelistv5_view` macro description.
( f4a929c (f4a929c)).
Added the ability for users to specify a source for sightings.
( 2be4eef (2be4eef)).
Updated `kvrocks` configuration with Docker support.
( f864138 (f864138)).
Added new with_linked, with_comments, with_bundles, and with_sightings arguments to the Vulnerability res
2.2.013 Dec 2024 07:05
minor feature:
Release 2.2.0 (2024-11-28)
What's New.
Identity:
- Vulnerability-Lookup now has a beautiful new logo.
New Statistics Namespace:
The API now offers a dedicated namespace for statistics. Two new endpoints are currently available:
- `/api/stats/vulnerability/most_sighted`.
- `/api/stats/vulnerability/most_commented`.
Both endpoints provide the option to return results in a Markdown table format.
( commit 7a2b8ed (7a2b8ed).
commit d95b49c (d95b49c)).
You can use the API output directly to generate PDF reports:
``bash.
curl -s -X 'GET' 'https://vulnerability.circl.lu/api/stats/vulnerability/most_sighted?date_from=2024-07-01 amp;output=markdown' pandoc --from=markdown --to=pdf -o semestrial-report.pdfO.
09 Dec 2024 07:14
minor feature: