Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 07:22
    j41r0r0d opened #366
  • Aug 21 18:44
    adulau commented #362
  • Aug 21 08:23
    IoT-junkrat commented #362
  • Aug 20 17:13
    adulau commented #362
  • Aug 20 17:13
    adulau commented #362
  • Aug 20 12:00
    IoT-junkrat commented #362
  • Aug 20 12:00
    IoT-junkrat commented #362
  • Aug 20 11:48
    IoT-junkrat commented #362
  • Aug 20 11:48
    IoT-junkrat commented #362
  • Aug 20 10:42
    MajidKhanBurki commented #363
  • Aug 20 10:11
    adulau commented #362
  • Aug 20 09:54
    IoT-junkrat commented #362
  • Aug 20 09:41
    adulau commented #362
  • Aug 20 09:29
    adulau closed #363
  • Aug 20 09:29
    adulau commented #363
  • Aug 19 10:03
    IoT-junkrat commented #362
  • Aug 18 08:15

    adulau on master

    chg: [search_cpe] references ad… (compare)

  • Aug 18 07:54

    adulau on master

    chg: [db_mgmt_json] minor fixes… (compare)

  • Aug 17 09:46

    adulau on master

    chg: [doc] README updated with … (compare)

  • Aug 17 06:49

    adulau on master

    chg: [source] fix CPE v2.3 url (compare)

CriimBow
@CriimBow
Untitled Diagram.jpg
What I first said
How now I see the solution :
Untitled Diagram(1).jpg
Pidgey
@PidgeyL
so almost the same, but you'd put it directly in the CVE-db?
CriimBow
@CriimBow
Yes and maybe add an attribute like "It's not a NVD vuln"
Do you want 3 seperated DB ?
CriimBow
@CriimBow
Or just one including the 3 categories ?
Pidgey
@PidgeyL
collections in the database, yes. Not separate databases
CriimBow
@CriimBow
Yes we were okay
Where as I imagine 2 collections and in the CVE collection an attribute like : "NVD": "Yes or No"
Pidgey
@PidgeyL
and run clean-up scripts when people want to disable the feature again after testing it?
CriimBow
@CriimBow
Yes, why not
You should probably contact @adulau by email because the last time he didn't answer (on the question of his conference where he was talking about vuln geolocation)
Pidgey
@PidgeyL
because you could organize the data in other ways, that allows for smooth re-orientation of data, without the need for clean-up scripts. One of the things I'm thinking about, is that not all sources have all the data, but some may be more credible than others. This would allow for a cascading data source (xforce provides the CVSS, microsoft provides the summary, etc)
I DM'd him on twitter as well
CriimBow
@CriimBow
Yes, but the problem is that we'll have duplicate CVEs when they come out on the NVD and were already in the blue DB (non-NVD DB)
Pidgey
@PidgeyL
not necessarily. All it takes to avoid that is to put a plug-in hook in the db_updater script
CriimBow
@CriimBow
I don't know
For me, a same CVE collection remains the best solution because if you don't want it you just have not to run the plug in. And if you want the plugin, you only have to look at one place to get all your CVEs.
And if you (by a BIG MISTAKE) run the plugin and want to delete the non-oficial CVEs, you just have to run the clean-up script
CriimBow
@CriimBow
Do you have some news ?
Steve Clement
@SteveClement
I shall bump this ;)
Steve Clement
@SteveClement
This issue can be closed: cve-search/cve-search#272
I will go through the issues while trying to get cve-search working on my side.
It currently does not work if you follow the README.
Steve Clement
@SteveClement
FYI: There is apparently an imminent backend change that will make things work more smoothly.
Cyrille Bollu
@StCyr
@SteveClement I've written a PR to improve the documentation: cve-search/cve-search#311
Jean-Christophe-P
@Jean-Christophe-P
Hello
Is there still a few people around here? :-)
Is there any other way to get support? A forum, a wiki, else ?
I'm having some difficulties to make this work behind a proxy. It should not be so complicated but I have issue I can't work around.
Philippe Ombredanne
@pombredanne
@Jean-Christophe-P welcome :)
Steve Clement
@SteveClement
Not sure...
I personally have no proxy setup, but as the proxy thing seems to pop-up regularly, I guess I need to arrange something....
gustavokotarsky
@gustavokotarsky
api is down?
Pidgey
@PidgeyL
@gustavokotarsky we've been having a lot of traffic, and lately cve.circl.lu started to throttle to handle the load
pranavmondhe
@pranavmondhe
Hi guys i want to use this cve-search tool on my yocto image. Are there any steps to do?
Philippe Ombredanne
@pombredanne
@pranavmondhe can you be more specific?
pranavmondhe
@pranavmondhe
@pombredanne Hi Thanks for reaching out to me. My plan is to run the script on yocto O.S which has kernel -v3.14.28 to get so CVEs. I am running python 2.7 on yocto.
Philippe Ombredanne
@pombredanne
@pranavmondhe but which script are you talking about?
cve-search is not a code scan tool :)
pranavmondhe
@pranavmondhe
@pombredanne Okay so on this site : https://github.com/cve-search/cve-search . Do this tool searches for CVE on yocto embedded image?
Philippe Ombredanne
@pombredanne
@pranavmondhe absolutely not. This tools aggregates CVE-related data from multiple sources and provides a correlated data model that is exposed as a web app and JSON API at https://cve.circl.lu/
@pranavmondhe now if you have the list of packages and versions installed on your device, then you could use it to search for CVE.
pranavmondhe
@pranavmondhe
@pombredanne Okay- so i think this tool is not for me i suppose. :(
Philippe Ombredanne
@pombredanne
@pranavmondhe there is no FOSS tool that I know of that does what you need. For yocto this would have to be part of the build
pranavmondhe
@pranavmondhe
@pombredanne Fair point. Thanks. We have third party vendor who builds yocto image on our linux embedded system(ARM), so i thought if there is any direct tool in python/shell script if i can run on the yocto image itself and see for CVEs.
Okay - i my next goal is to built up the yocto image, include python3 and add cve layer init and scan through for CVEs i suppose.
Philippe Ombredanne
@pombredanne
that would be the only sane way I can think of :)