This project is a REST API designed to quickly fetch & follow Common Vulnerabilities and Exposures from years 1999-2022. It aims to make accessing CVE data as quickly and easily as possible.
Integrate it with your existing project(s) or use it for data visualization and analysis. Available to anyone for any kind of purpose.
Warning This application is not meant to be run and used in production! Development and study environment only.
For every approach you need to clone the repository.
> git clone
- Create and start containers using
docker compose
. Run this command from root level of the app where docker-compose.yml resides.
> docker compose up
- Get a
bash shell
in active container and run unit tests to see if everything works as supposed.
> docker exec -it rest_api /bin/bash
> pytest -v
... or run one command inside the container without interactive shell.
> docker exec rest_api pytest v
- Create virtualenv, activate it and install requirements from file.
> virtualenv venv
> .\venv\scripts\activate
> pip install -r requirements.txt
- Setup & populate MongoDB.
> mongorestore --db cve <path_to_dump_folder>
- Run
unit tests
to ensure that everything works properly.
> pytest -v
- Run the application using flask cli:
Note Since all flask environment variables are already specified in .flaskenv file, we don't have to assign them manually.
> flask run
# by default, flask's built in server run on port 5000, you can change it to whatever port you want
> flask run -p 8080
In order to request CVE, register new user and then log in to obtain access token.
> curl -X POST -i -H "Content-Type: application/json" -d "{""username"": ""..."", ""password"": ""...""}" http://ip:port/user/register
> curl -X POST -i -H "Content-Type: application/json" -d "{""username"": ""..."", ""password"": ""...""}" http://ip:port/user/login
> curl -X GET -i -H "token: <token_id>" http://ip:port/cve?amount=5
> curl -X DELETE -i -H "Content-Type: application/json" -d "{""username"":""..."", ""password"":""...""}" http://ip:port/user/delete
> curl -X PATCH -i -H "Content-Type: application/json" -d "{""username"":""..."", ""password"":""..."", ""new_username"":""...""}" http://ip:port/user/update
Any kind of contribution/idea is welcome and appreciated. Create new ticket via GitHub Issues or contact by e-mail.