Vulnerability-Lookup
Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources,
independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
Vulnerability-Lookup is also a collaborative platform where users can comment on security advisories and create bundles.
A Vulnerability-Lookup instance operated by CIRCL
is available at https://vulnerability.circl.lu.
Features
- API: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.
- Feeders: Modular system to import vulnerabilities from different sources.
- CVD process: Creation, edition and fork/copy of Security Advisories with the vulnogram editor.
Support of local vulnerability source per Vulnerability-Lookup instance.
- Sightings: Users have the possibility to add observations to vulnerabilities with different types of sightings, such as:
seen, exploited, not exploited, confirmed, not confirmed, patched, and not patched.
- Comments: Ability to add, review and share comments on vulnerability advisories.
- Bundles: Possibility to create bundles of vulnerability advisories with a description.
- RSS/Atom: An extensive RSS and Atom support for vulnerabilities and comments.
- EPSS: Integration of the Exploit Prediction Scoring System.
The official documentation is available here.
Sources and Feeders
- CISA Known exploited vulnerability DB (via HTTP).
- NIST NVD CVE importer (via API 2.0).
- CVEProject - cvelist (via git submodule repository).
- Cloud Security Alliance - GSD-Database (via git submodule repository).
- GitHub Advisory Database (via git submodule repository).
- PySec Advisory Database (via git submodule repository).
- OpenSSF Malicious Packages (via git submodule repository)
- Additional sources via CSAF including CERT-Bund, CISA, Cisco, nozominetworks, Open-Xchange, Red Hat, Sick, Siemens, NCSC-NL.
- VARIoT IoT vulnerabilities database.
- JVN iPedia, Japan database of vulnerability countermeasure information.
- Tailscale security bulletins.
- CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification)
Sighting Sources
Vulnerability-Lookup facilitates the recording of vulnerability sightings, regardless of whether they have been published by a source.
A suite of sighting clients is already available to support this functionality:
If you want to create your own sigthing tool, it’s recommended to use PyVulnerabilityLookup,
a Python library to access Vulnerability-Lookup via its REST API.
Installation
Requirements
Installation instructions are available in the documentation.
Architecture
License
Vulnerability-Lookup is free software released under the “GNU Affero General Public License v3.0”.
Copyright (c) 2023-2024 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (c) 2023-2024 Alexandre Dulaunoy - https://github.com/adulau
Copyright (c) 2023-2024 Raphaël Vinot - https://github.com/Rafiot
Copyright (c) 2024 Cédric Bonhomme - https://github.com/cedricbonhomme