Vulnerability Lookup


Presentation

Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD). Vulnerability Lookup is also a collaborative platform where users can comment on security advisories and create bundles.

A Vulnerability Lookup instance operated by CIRCL is available at https://vulnerability.circl.lu.

Features

  • API: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.

  • Feeders: Modular system to import vulnerabilities from different sources.

  • CVD process: Creation, editing and fork/copy of security advisories with the vulnogram editor. Support for a local vulnerability source per Vulnerability Lookup instance.

  • Sightings: Users can attach observations to vulnerabilities using different sighting types: seen, exploited, not exploited, confirmed, not confirmed, patched, and not patched.

  • Comments: Ability to add, review and share comments on vulnerability advisories.

  • Bundles: Creation of bundles of vulnerability advisories, each with a description.

  • RSS/Atom: Extensive RSS and Atom support for vulnerabilities and comments.

  • EPSS: Integration of the Exploit Prediction Scoring System score.

[Figure: high level architecture]

Why Vulnerability Lookup?

Vulnerability Lookup is a rewritten version of cve-search, an open-source tool initially aimed at maintaining a local CVE database. The original cve-search had design and scalability limitations, and its public instance operated by CIRCL is maxing out at 20,000 queries per second.

As vulnerability sources have diversified beyond the NVD CVE, a new tool was needed to support the CVD process, allowing for bundling, commenting, publishing, and extending vulnerability information in a collaborative manner.

Contact

CIRCL - Computer Incident Response Center Luxembourg - info@circl.lu

License

Vulnerability Lookup is licensed under GNU Affero General Public License version 3.