NIST::NVD::Query - Query the NVD database
Version 0.07
This module allows you to look up vulnerability data from the NVD database
use NIST::NVD::Query; # use convert_nvdcve to generate these files from the XML dumps at # http://nvd.nist.gov/download.cfm my( $path_to_db, $path_to_idx_cpe ) = @ARGV; my $q = NIST::NVD::Query->new( store => $some_store, %args ); # Given a Common Platform Enumeration urn, returns a list of known # CVE IDs my $cve_id_list = $q->cve_for_cpe( cpe => 'cpe:/a:zaal:tgt:1.0.6' ); my @entry; foreach my $cve_id ( @$cve_id_list ){ # Given a CVE ID, returns a CVE entry my $entry = $q->cve( cve_id => $cve_id ); push( @entry, $entry ); print $entry->{'vuln:summary'}; }
database: path to BDB database of NVD entries idx_cpe: path to BDB database of mappings from CPE URNs to CVE IDs
my $q = NIST::NVD::Query->new( database => $path_to_db, idx_cpe => $path_to_idx_cpe, );
Returns a list of CVE IDs for a given CPE URN.
cpe: CPE URN Example: 'cpe:/a:zaal:tgt:1.0.6'
Returns a reference to an array of CVE IDs. Example:
$cve_id_list = [ 'CVE-1999-1587', 'CVE-1999-1588', ]
my $cve_id_list = $q->cve_for_cpe( cpe => 'cpe:/a:zaal:tgt:1.0.6' );
cve_id: CPE URN Example: 'CVE-1999-1587'
Returns a reference to a hash representing a CVE entry:
my $nvd_cve_entry = { 'vuln:vulnerable-configuration' => [ ... ], 'vuln:vulnerable-software-list' => [ ... ], 'vuln:cve-id' => 'CVE-1999-1587', 'vuln:discovered-datetime' => '...', 'vuln:published-datetime' => '...', 'vuln:last-modified-datetime' => '...', 'vuln:cvss' => {...}, 'vuln:cwe' => 'CWE-ID', 'vuln:references' => [ { attr => {...}, 'vuln:references' => [ {...}, ... ], 'vuln:source' => '...', } ], 'vuln:summary' => '...', 'vuln:security-protection' => '...', 'vuln:assessment_check' => { 'check0 name' => 'check0 value', ... }, 'vuln:scanner', => [ { 'vuln:definition' => { 'vuln attr0 name' => 'vuln attr0 value' ... } } ], };
C.J. Adams-Collier, <cjac at f5.com>
<cjac at f5.com>
Please report any bugs or feature requests to bug-nist-nvd at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=NIST-NVD. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
bug-nist-nvd at rt.cpan.org
You can find documentation for this module with the perldoc command.
perldoc NIST::NVD::Query
You can also look for information at:
Common Vulnerabilities and Exposures
http://cve.mitre.org/
Common Platform Enumeration
http://cpe.mitre.org/
NIST National Vulnerability Database
http://nvd.nist.gov/download.cfm
RT: CPAN's request tracker
http://rt.cpan.org/NoAuth/Bugs.html?Dist=NIST-NVD
AnnoCPAN: Annotated CPAN documentation
http://annocpan.org/dist/NIST-NVD
CPAN Ratings
http://cpanratings.perl.org/d/NIST-NVD
Search CPAN
http://search.cpan.org/dist/NIST-NVD/
Copyright 2011, 2012 F5 Networks, Inc.
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.
To install NIST::NVD, copy and paste the appropriate command in to your terminal.
cpanm
cpanm NIST::NVD
CPAN shell
perl -MCPAN -e shell install NIST::NVD
For more information on module installation, please visit the detailed CPAN module installation guide.