Vulnerability-Lookup Service - Multi-Source Vulnerability Lookup and Collaboration

Vulnerability-Lookup Service: Multi-Source Vulnerability Lookup and Collaboration

Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).

CIRCL CVE logo

vulnerability-lookup is accessible via a web interface, RSS/Atom and an HTTP API. vulnerability-lookup is an interface to search publicly known information from security vulnerabilities in software and hardware along with their corresponding exposures. You can also register and collaborate on the vulnerability intelligence by adding comments or even reporting vulnerabilities.

Sources and Feeders

vulnerability-lookup is a public service operated by CIRCL.

Public Web API of vulnerability-lookup

The HTTP API outputs JSON and described as an OpenAPI. The API is fully documented at the following location https://vulnerability.circl.lu/api. No authentication is required for the public exposed functions and authentication is required for the specific user API requests such as adding comments, bundle and user management. For more documentation about the project, ihttps://www.vulnerability-lookup.org/ is the official webpage of the project.

Browse vendor and product

To get a JSON with all the vendors:

curl https://vulnerability.circl.lu/api/browse

To get a JSON with all the products associated to a vendor:

curl https://vulnerability.circl.lu/api/browse/microsoft

Browse CVEs per vendor/product

To get a JSON with all the vulnerabilities per vendor and a specific product:

curl https://vulnerability.circl.lu/api/search/microsoft/office

Get CVE per CVE-ID

To get a JSON of a specific CVE ID:

curl https://vulnerability.circl.lu/api/cve/CVE-2010-3333

Get the last updated CVEs

To get a JSON of the last 30 CVEs including CAPEC, CWE and CPE expansions:

curl https://vulnerability.circl.lu/api/last

Get more information about the current CVE database

To get more information about the current databases in use and when it was updated:

curl https://vulnerability.circl.lu/api/dbInfo

Do you log search queries?

Yes, we do log the search queries to debug our software and acquire statistics about software vulnerabilities trending.

Where is the source code of the vulnerability-lookup software?

vulnerability-lookup source is open source and available on GitHub and CIRCL Forge.

A documentation is available here.

The original service was using cve-search source code is available on GitHub. We created vulnerability-lookup to facilitate multi sources and improve the performance of the service.

Is there a full dumps of the vulnerability-lookup sources?

You can access the full dumps per source from the vulnerability-lookup dumps.

Is there a library to access vulnerability-lookup service?

Yes, the Python library is accessible via PyVulnerabilityLookup

Feed syndication in RSS and Atom

Available feeds

Endpoint Methods Rule
bundles_bp.feed_bundles GET /bundles/feed.<string:format>[?user=<login>]
comments_bp.feed_comments GET /comments/feed.<string:format>[?user=<login>]
user_bp.feed_activity GET /user/<string:login>.<string:format>
home_bp.feed_recent GET /recent/<string:source>.<string:format>[?vulnerability=<vuln-id>]

The value of format can be rss or atom.

The value of source can be one of the following: “all”, “github”, “cvelistv5”, “nvd”, “pysec”, “gsd”, “ossf_malicious_packages”, “csaf_certbund”, “csaf_siemens”, “csaf_redhat”, “csaf_cisa”, “csaf_cisco”, “csaf_sick”, “csaf_nozominetworks”, “csaf_ox”, “variot”.

Examples

Recent vulnerabilities from all sources

$ curl https://vulnerability.circl.lu/recent/all.atom

Recent vulnerabilities from pysec

$ curl https://vulnerability.circl.lu/recent/pysec.atom
$ curl 'https://vulnerability.circl.lu/recent/cvelistv5.atom?vendor=MISP&per_page=2&page=8'
<?xml version='1.0' encoding='UTF-8'?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/rss/recent/cvelistv5/2</id>
  <title>Most recent entries from cvelistv5</title>
  <updated>2024-07-19T07:54:55.493975+00:00</updated>
  <author>
    <name>Vulnerability Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 2 recent entries.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/vuln/cve-2023-24027</id>
    <title>cve-2023-24027</title>
    <updated>2024-07-19T07:54:55.497533+00:00</updated>
    <link href="https://vulnerability.circl.lu/vuln/cve-2023-24027"/>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/vuln/cve-2022-48329</id>
    <title>cve-2022-48329</title>
    <updated>2024-07-19T07:54:55.497430+00:00</updated>
    <link href="https://vulnerability.circl.lu/vuln/cve-2022-48329"/>
  </entry>
</feed>

Recent vulnerabilities linked to a specified vulnerability

$ curl 'https://vulnerability.circl.lu/recent/all.atom?vulnerability=cve-2021-22280'
<?xml version='1.0' encoding='UTF-8'?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/rss/recent/all/10</id>
  <title>Most recent entries from all</title>
  <updated>2024-07-19T07:55:40.707915+00:00</updated>
  <author>
    <name>Vulnerability Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent entries.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/vuln/ghsa-x53h-2cjp-mwcx</id>
    <title>ghsa-x53h-2cjp-mwcx</title>
    <updated>2024-07-19T07:55:40.721682+00:00</updated>
    <link href="https://vulnerability.circl.lu/vuln/ghsa-x53h-2cjp-mwcx"/>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/vuln/gsd-2021-22280</id>
    <title>gsd-2021-22280</title>
    <updated>2024-07-19T07:55:40.721638+00:00</updated>
    <link href="https://vulnerability.circl.lu/vuln/gsd-2021-22280"/>
  </entry>
</feed>