Skip to content

Intevation/csaf-cve-comparison

Repository files navigation

CSAF CVE Description Compare Tool

A small web tool to compare the CVE descriptions in CSAF documents with the descriptions in CVE databases.

How it works

  • Upload a CSAF document
  • The tool extracts the referenced CDE IDs and descriptions
  • For each vulnerability, it loads the CVE descriptions from a CVE API
  • The tools highlights the differences
  • Press a button to overwrite the CVE description in the CSAF document with the description from the CVE database
  • Download the updated CSAF document

Dev notes

It uses docker compose and port 48050.

License

 SPDX-License-Identifier: Apache-2.0

 SPDX-FileCopyrightText: 2024 German Federal Office for Information Security (BSI) <https://www.bsi.bund.de>
 Software-Engineering: 2024 Intevation GmbH <https://intevation.de>

About

Compare CVE descriptions of CSAF documents with CVE databases

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors