CVE Vulnerability Lookup

Search for Common Vulnerabilities and Exposures (CVEs) with detailed information including severity scores, affected software, and references.

Usage

npx tsx scripts/lookup.ts [cve-id | --product <name>] [options]

Arguments

*Either cve-id or --product must be provided

Options

Output

CVE ID Search Output:

📋 CVE-2024-1086
Severity: HIGH (7.8)
Published: 2024-01-15 12:30
Modified: 2024-01-20 08:45

Summary:
  A buffer overflow vulnerability in Linux kernel network stack...

CVSS v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Software:
  1. Linux Kernel - Versions 5.15 to 6.6, 6.7-rc1 to 6.7
     Versions: 5.15.0, 5.16.0, 6.0.0, 6.1.0, 6.2.0 ... and 15 more

Weaknesses: CWE-120 (Buffer Copy without Checking Size of Input)

References:
  1. https://nvd.nist.gov/vuln/detail/CVE-2024-1086
  2. https://www.cisa.gov/news-events/alerts/2024/01/15/...
  3. https://github.com/advisories/GHSA-...

Quick Start

npx tsx scripts/lookup.ts CVE-2024-1086
npx tsx scripts/lookup.ts --product OpenSSL
npx tsx scripts/lookup.ts --product "Apache Struts" --limit 20

Run from the cve-search plugin directory: ~/.claude/plugins/cache/cve-search/

Data Sources

The skill uses OpenCVE API as the primary data source:

• OpenCVE: Lightweight, JSON-based CVE database
• Coverage: Official CVE list with detailed metadata
• Update frequency: Synchronized with official CVE feeds
• No authentication: Public API, free to use

How It Works

CVE ID Lookup

When searching by CVE ID (e.g., CVE-2024-1086):

1. Queries OpenCVE API with exact CVE identifier
2. Returns complete vulnerability details
3. Shows severity, CVSS score, affected products, and references
4. Results cached for 24 hours

Product Search

When searching by product name (e.g., --product OpenSSL):

1. Queries OpenCVE API with product search
2. Returns matching CVEs (limited to specified count)
3. Shows all vulnerabilities affecting that product
4. Useful for identifying software risks

Output Format

CVE ID Search Output

📋 CVE-2024-1086
Severity: HIGH (7.8)
Published: 2024-01-15 12:30
Modified: 2024-01-20 08:45

Summary:
  A buffer overflow vulnerability in Linux kernel network stack...

CVSS v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Software:
  1. Linux Kernel - Versions 5.15 to 6.6, 6.7-rc1 to 6.7
     Versions: 5.15.0, 5.16.0, 6.0.0, 6.1.0, 6.2.0 ... and 15 more

Weaknesses: CWE-120 (Buffer Copy without Checking Size of Input)

References:
  1. https://nvd.nist.gov/vuln/detail/CVE-2024-1086
  2. https://www.cisa.gov/news-events/alerts/2024/01/15/...
  3. https://github.com/advisories/GHSA-...

Product Search Output

Searching for CVEs affecting "OpenSSL"...

Found 12 CVE(s):

📋 CVE-2023-6129
Severity: HIGH (7.5)
Published: 2023-11-28 12:00

Summary: PKCS #7 Signature Verification Bypass...
[truncated]

📋 CVE-2023-5678
Severity: MEDIUM (5.3)
...

API Response Format

OpenCVE Response Structure

{
  "results": [
    {
      "cveid": "CVE-2024-1086",
      "summary": "Buffer overflow in kernel network stack",
      "severity": "HIGH",
      "cvss": 7.8,
      "cvss_v3": {
        "score": 7.8,
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
      },
      "created_at": "2024-01-15T12:30:00Z",
      "updated_at": "2024-01-20T08:45:00Z",
      "vendors": [
        {
          "name": "linux",
          "product": "Linux Kernel",
          "versions": ["5.15.0", "5.16.0", "6.0.0", ...]
        }
      ],
      "references": ["https://nvd.nist.gov/...", "..."],
      "cwe": ["CWE-120"]
    }
  ]
}

Use Cases

Security Audit

Check if deployed software has known vulnerabilities:

npx tsx scripts/lookup.ts --product "Apache Tomcat" --limit 50

Incident Response

Quickly look up a CVE mentioned in an alert:

npx tsx scripts/lookup.ts CVE-2024-1234

Dependency Scanning

Verify your project dependencies for known issues:

npx tsx scripts/lookup.ts --product "jQuery" --limit 20

Vulnerability Assessment

Research a specific vulnerability before patching:

npx tsx scripts/lookup.ts CVE-2024-1086 --no-cache

Caching

Results are cached for 24 hours by default. CVE information doesn’t change frequently, so caching significantly improves performance.

Use --no-cache when:

• You need the latest CVE information
• Recently patched vulnerabilities may not be in cache
• Doing a fresh security assessment

Limitations

• Search coverage: Depends on OpenCVE’s database (generally comprehensive for official CVE list)
• Real-time updates: Cached for 24 hours (use --no-cache for fresh data)
• Product name matching: Uses substring search (may return unrelated CVEs)
• Rate limiting: OpenCVE API has rate limits (automatic backoff implemented)
• Detailed info: Some older CVEs may have incomplete metadata

Exit Codes

Examples

Find a specific vulnerability

npx tsx scripts/lookup.ts CVE-2024-1086
# Returns full details of the Linux kernel buffer overflow

Search for vulnerabilities in OpenSSL

npx tsx scripts/lookup.ts --product OpenSSL
# Returns up to 10 OpenSSL CVEs

Get all recent Django vulnerabilities

npx tsx scripts/lookup.ts --product "Django" --limit 30
# Returns up to 30 Django-related CVEs

Fresh lookup bypassing cache

npx tsx scripts/lookup.ts CVE-2024-1234 --no-cache
# Fetches latest data from OpenCVE API

Related Skills

• Use with version checking tools to identify if your installed version is vulnerable
• Combine with security scanning tools for comprehensive vulnerability assessment
• Cross-reference with GitHub Advisories for ecosystem-specific information

Troubleshooting

“CVE not found”

• CVE may not yet be in the public database
• Try with --no-cache to check latest database
• Verify CVE ID format: CVE-YYYY-NNNNN

No results for product search

• Product name may not match database naming
• Try alternate names (e.g., “Apache HTTP Server” vs “Apache”)
• Check OpenCVE documentation for correct product names

Rate limit error

• Wait a moment and retry
• Use cached results from previous queries
• Limit number of simultaneous requests

References

• OpenCVE Documentation
• Official CVE Database
• NIST National Vulnerability Database
• CVSS Scoring Guide