cve#
This subcommand provides CVE related functionality.
$ scf cve -h
Usage: scf cve [OPTIONS] COMMAND [ARGS]...
Options:
-h, --help Show this message and exit.
Commands:
details Fetch the details of a given cve
list Fetch the known cve for a given year or all.
watch Show the latest CVE as they get published
list#
Use list to get a list of all known CVE.
$ scf cve list -h
Usage: scf cve list [OPTIONS]
Fetch the known cve for a given year or all.
Options:
-y, --year List cve grouped by year.
--cache Enables the cache.
--json Print the result as json.
-h, --help Show this message and exit.
example#
This will group the found CVE by year:
$ scf cve list --year
CVE
├── 2022
│ ├── CVE-2022-30974
│ ├── CVE-2022-30767
│ ├── CVE-2022-30595
...
details#
Use details to get more information about a specific CVE.
$ scf cve details -h
Usage: scf cve details [OPTIONS] [NAME]
Fetch the details of a given cve
Arguments:
[NAME] The cve identifier to lookup.
Options:
--no-cache Disable the cache.
--field TEXT Only print the given field (e.g. `cvss.score`)
--json Print the result as json.
-h, --help Show this message and exit.
example#
Get the base score for the CVE CVE-2022-30333:
$ scf cve details CVE-2022-30333 --field cvss.score
6.6
watch#
Use watch if you want to get informations about new CVE as they are being published.
$ scf cve watch -h
Usage: scf cve watch [OPTIONS]
Show the latest CVE as they get published
Options:
-c, --command TEXT Run this command if a new CVE is found
-t, --test Test the command and exit
-i, --interval INTEGER Set the refresh interval [default: 30]
-h, --help Show this message and exit.
example#
Start the watcher, run a command (--command
), exit (--test
).
This is useful, if you want to test the command before going into watch mode.
$ scf cve watch --command "echo Does this get executed?" --test
Executed command. RC = 0