command
Version:
v0.0.0-...-d9869f8
Opens a new window with list of versions in this module.
Published: May 22, 2024
License: Apache-2.0
Opens a new window with license information.
Imports: 14
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
README
¶
Converting NVD CVEs for open source software to OSV
Further context at Introducing broad C/C++ vulnerability management support
See run_cve_to_osv_generation.sh for how this is invoked in Production.
To see it in action on a single CVE:
CVE=CVE-2024-3094
git clone --recurse-submodules https://github.com/google/osv.dev
cd osv.dev/vulnfeeds
mkdir /tmp/nvd /tmp/nvd2osv
(cd test_data && ./download_specific_cves $CVE)
mv test_data/nvdcve-2.0/${CVE}.json /tmp/nvd
gcloud storage cp "gs://osv-test-cve-osv-conversion/cpe_repos/cpe_product_to_repo.json" "/tmp"
go run cmd/nvd-cve-osv/main.go \
--cpe_repos "/tmp/cpe_product_to_repo.json" \
--nvd_json "/tmp/nvd/${CVE}.json" \
--out_dir "/tmp/nvd2osv"
cat /tmp/nvd2osv/*/*/${CVE}.json
Documentation
¶
There is no documentation for this package.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.