-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathfetch-cve-data.sh
More file actions
84 lines (72 loc) · 3.6 KB
/
fetch-cve-data.sh
File metadata and controls
84 lines (72 loc) · 3.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#!/bin/bash
# Script to fetch CVE data from multiple sources and organize it into the repository
# Purpose: Downloads or updates CVE data from MITRE, NVD, CISA, CVEDetails, and Tenable
# Usage: Run ./fetch-cve-data.sh from the repository root
# Requirements: Git, curl, and jq must be installed and configured
# Exit on any error
set -e
# Check for required tools
for tool in git curl jq; do
if ! command -v "$tool" &> /dev/null; then
echo "Error: $tool is not installed. Please install $tool and try again."
exit 1
fi
done
# Base directory for CVE data
BASE_DIR="cve-data"
# Create base directory if it doesn't exist
mkdir -p "$BASE_DIR"
# Function to log the last update time
log_update_time() {
local dir="$1"
echo "Last updated: $(date)" > "$dir/last-updated.txt"
}
# 1. Fetch MITRE CVE Data (already mirrored via GitHub)
MITRE_DIR="$BASE_DIR/mitre"
MITRE_REPO="https://github.com/CVEProject/cvelistV5.git"
if [ -d "$MITRE_DIR" ]; then
echo "Updating MITRE CVE data in $MITRE_DIR..."
cd "$MITRE_DIR"
git pull origin main || { echo "Error: Failed to update MITRE CVE data."; exit 1; }
cd ../..
else
echo "Cloning MITRE CVE data from $MITRE_REPO into $MITRE_DIR..."
git clone "$MITRE_REPO" "$MITRE_DIR" || { echo "Error: Failed to clone MITRE CVE data."; exit 1; }
fi
log_update_time "$MITRE_DIR"
# 2. Fetch NVD CVE Data (using NVD 2.0 API data feed)
NVD_DIR="$BASE_DIR/nvd"
mkdir -p "$NVD_DIR"
echo "Fetching NVD CVE data into $NVD_DIR..."
# NVD provides yearly JSON feeds; we'll fetch the most recent year (2025) as an example
NVD_URL="https://nvd.nist.gov/feeds/json/cve/2.0/nvdcve-2.0-2025.json.gz"
curl -s -o "$NVD_DIR/nvdcve-2025.json.gz" "$NVD_URL" || { echo "Error: Failed to download NVD CVE data."; exit 1; }
gunzip -f "$NVD_DIR/nvdcve-2025.json.gz" || { echo "Error: Failed to unzip NVD CVE data."; exit 1; }
log_update_time "$NVD_DIR"
# 3. Fetch CISA KEV Catalog
CISA_DIR="$BASE_DIR/cisa-kev"
mkdir -p "$CISA_DIR"
echo "Fetching CISA KEV catalog into $CISA_DIR..."
CISA_URL="https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
curl -s -o "$CISA_DIR/known_exploited_vulnerabilities.json" "$CISA_URL" || { echo "Error: Failed to download CISA KEV data."; exit 1; }
log_update_time "$CISA_DIR"
# 4. Fetch CVEDetails Data (example: recent CVEs via RSS feed)
CVEDETAILS_DIR="$BASE_DIR/cvedetails"
mkdir -p "$CVEDETAILS_DIR"
echo "Fetching CVEDetails recent CVEs into $CVEDETAILS_DIR..."
CVEDETAILS_URL="https://www.cvedetails.com/vulnerability-feed.php?format=json&days=30"
curl -s -o "$CVEDETAILS_DIR/recent-cves.json" "$CVEDETAILS_URL" || { echo "Error: Failed to download CVEDetails CVE data."; exit 1; }
log_update_time "$CVEDETAILS_DIR"
# 5. Fetch Tenable CVE Data (example: scrape recent CVEs; note: Tenable's full list requires API access)
TENABLE_DIR="$BASE_DIR/tenable"
mkdir -p "$TENABLE_DIR"
echo "Fetching Tenable CVE data into $TENABLE_DIR..."
# Since Tenable's full CVE list requires API access, we'll fetch a sample of recent CVEs from their blog or public page
# This is a placeholder; you may need to use Tenable's API with credentials for full access
TENABLE_URL="https://www.tenable.com/cve/feed"
curl -s "$TENABLE_URL" | grep -o 'CVE-[0-9]\{4\}-[0-9]\+' | head -n 50 > "$TENABLE_DIR/recent-cves.txt" || { echo "Error: Failed to fetch Tenable CVE data."; exit 1; }
log_update_time "$TENABLE_DIR"
# Add and commit the changes to your repository
git add "$BASE_DIR"
git commit -m "Update CVE data from multiple sources - $(date)" || echo "No changes to commit."
echo "CVE data fetched successfully. Run 'git push' to upload the changes to your repository."