Project

cisa-kev

0.0
No release in over a year
cisa-kevpostmodern/cisa-kev.rbDocumentationSource CodeBug Tracker
A simple Ruby library for parsing the CISA KEV (Known Exploited Vulnerabilities) catalog
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
 Popularity
Downloads
836
Stars
2
Forks
0
Watchers
1
 Releases
Current version
0.1.0
Total releases
1
First release
2024-05-14
Latest release
2024-05-14
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2024-10-27
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 2.0
 Project Readme

cisa-kev

CI Code Climate

Description

A simple Ruby library for fetching and parsing the CISA KEV catalog.

Features

  • Supports requesting the CISA KEV catalog via HTTP(s).
  • Supports parsing previously downloaded JSON files.

Examples

require 'cisa/kev'

catalog = CISA::KEV::Catalog.load
catalog.select(&:known_ransomware_campaign_use).sort_by(&:date_added)
# =>
# [
#   ...
#  #<CISA::KEV::Vulnerability:0x00007fc0a6e715f8
#   @cve_id="CVE-2023-24955",
#   @date_added=#<Date: 2024-03-26 ((2460396j,0s,0n),+0s,2299161j)>,
#   @due_date=#<Date: 2024-04-16 ((2460417j,0s,0n),+0s,2299161j)>,
#   @known_ransomware_campaign_use=true,
#   @notes="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24955",
#   @product="SharePoint Server",
#   @required_action=
#    "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
#   @short_description=
#    "Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.",
#   @vendor_project="Microsoft",
#   @vulnerability_name="Microsoft SharePoint Server Code Injection Vulnerability">]

Requirements

Install

gem install cisa-kev

Gemfile

gem 'cisa-kev', '~> 0.1'

Copyright

Copyright (c) 2024 Hal Brodigan

See {file:LICENSE.txt} for details.