PyVulnerabilityLookup

Presentation

PyVulnerabilityLookup is a Python library to access Vulnerability-Lookup via its REST API.

Usage

Initialize a PyVulnerabilityLookup object

from pyvulnerabilitylookup import PyVulnerabilityLookup
vuln_lookup = PyVulnerabilityLookup("https://vulnerability.circl.lu/", token="<YOUR-API-TOKEN>")

Retrieve sightings for a specific vulnerability

sighting_cve_list = vuln_lookup.get_sightings(vuln_id='CVE-2024-9474')
print(sighting_cve_list)

Output:

{
    "metadata": {
        "count": 104,
        "page": 1,
        "per_page": 1000
    },
    "data": [
        {
            "uuid": "b804f360-9d9f-4326-a1ae-e32fb82e268b",
            "creation_timestamp": "2024-11-18T22:19:16.087185+00:00",
            "type": "seen",
            "source": "https://feedsin.space/feed/CISAKevBot/items/2704494",
            "vulnerability": "CVE-2024-9474",
            "author": {
                "login": "automation",
                "name": "Automation user",
                "uuid": "9f56dd64-161d-43a6-b9c3-555944290a09"
            }
        }
    ]
}

Create a new sighting

sighting = {"type": "exploited", "source": "<source-of-the-sighting>", "vulnerability": 'CVE-2024-9474'}
created_sighting = vuln_lookup.create_sighting(sighting=sighting)
print(created_sighting)

Output:

{
    "metadata": {
        "count": 1,
        "page": 1,
        "per_page": 1000
    },
    "data": [
        {
            "uuid": "b498cb64-9cbc-423a-aea0-bf58d740c024",
            "creation_timestamp": "2024-11-19T10:45:45.634635+01:00",
            "type": "exploited",
            "source": "<source-of-the-sighting>",
            "vulnerability": "CVE-2024-9474",
            "author": {
                "login": "cedric",
                "name": "Cédric",
                "uuid": "8dfa6142-8c6d-4072-953e-71c85404aefb"
            }
        }
    ]
}

PyVulnerabilityLookup supports various object types within the VulnerabilityLookup framework.
Refer to the tests for detailed examples and usage.