npm
Sign UpSign In

nvd-search

2.2.0 • Public • Published

nvd-search Tests

Node module to fetch, cache, and search the NIST National Vulnerability Database.

Usage

new NVD(config);

Create a new instance of the NVD class, you may supply an optional config object.

nvd.sync(callback, progress)

Sync the local cache with the remote NIST feeds.

If a progress function is supplied, it is called after each feed has been handled.

const NVD = require('nvd-search');
const nvd = new NVD();
nvd.sync((error, results) => {
  if (error) {
    return console.error(error);
  }
  // remote files synced, likely want
  // to call `nvd.search()` now
});

nvd.search(id, callback)

Find a specific CVE within the local cached feeds.

nvd.search('CVE-2019-12780', (error, results) => {
  if (error) {
    return console.error(error);
  }
  console.log(results.data); // feed data
});

Configuration Options

You can provide a configuration object to the constructor: NVD(). The following options are honored:

config.feeds

An array of strings, each representing a feed to download, cache, and search. You likely don't want to change this option.

Default:

feeds: [
  '2002',
  '2003',
  '2004',
  '2005',
  '2006',
  '2007',
  '2008',
  '2009',
  '2010',
  '2011',
  '2012',
  '2013',
  '2014',
  '2015',
  '2016',
  '2017',
  '2018',
  '2019',
  '2020',
  '2021',
  '2022',
  'modified',
  'recent'
]

config.schemaVersion

Feed schema version to use in paths, currently tested with versions 1.0 and 1.1

Default:

schemaVersion: '1.1'

config.rootPath

The URL prefix to use when fetching remote feeds. You might want to change this if you host your own local cache.

Default:

rootPath: 'https://nvd.nist.gov/feeds/json/cve/'

config.cacheDir

The directory to use when caching the feeds locally. If this is not supplied, the environment variable XDG_CACHE_HOME is used if defined, otherwise the fallback of ~.cache/nvd is used.

config.fetchLimit

When fetching remote feeds, only fetch this many files in parallel. NIST often will throttle and/or disconnect clients making too many connections.

Default:

fetchLimit: 2

config.persistAll

Save all files fetched from rootPath, useful for mirroring the feeds.

Default:

persistAll: false

See also

Readme

Keywords

none

Package Sidebar

Install

npm i nvd-search

Repository

github.com/travispaul/node-nvd

Homepage

github.com/travispaul/node-nvd#readme

Weekly Downloads

113

Version

2.2.0

License

BSD-2-Clause

Unpacked Size

4.96 MB

Total Files

16

Last publish

Collaborators

  • tpaul
Try on RunKit
Report malware