CPE

Search CPE

Searching for CPEs is similar to searching for CVEs, albeit with fewer parameters. CPE match strings are allowed, meaning that if only part of a CPE name is known, you can search for all CPE names that match it. As with CVE searches, the parameters are not positional.

Here is an example that searches with a keyword and a limit of 2 results, then iterates through the returned CPE names.

Note

Due to rate limiting restrictions by NIST, a request will take 6 seconds with no API key.
Requests with an API key take 0.6 seconds per request.
Get a NIST NVD API key here (free): https://nvd.nist.gov/developers/request-an-api-key

import nvdlib

r = nvdlib.searchCPE(keyword = 'Microsoft Exchange', limit = 2)
for eachCPE in r:
    print(eachCPE.name)


'cpe:2.3:a:microsoft:exchange_instant_messenger:-:*:*:*:*:*:*:*'
'cpe:2.3:a:microsoft:msn_messenger_service_for_exchange:4.5:*:*:*:*:*:*:*'
nvdlib.cpe.searchCPE(modStartDate=False, modEndDate=False, includeDeprecated=False, keyword=False, cpeMatchString=False, cves=False, limit=False, key=False, verbose=False)

Build and send a GET request, then return a list of objects containing a collection of CPEs.

Parameters
  • modStartDate (ISO 8601 date/time Example: '2020-06-28 00:00' Maximum 120 day range) – CPE modification start date

  • modEndDate (ISO 8601 date/time Example: '2020-06-28 00:00') – CPE modification end date

  • includeDeprecated (Bool True) – Include deprecated CPE names that have been replaced.

  • keyword (str) – Free text keyword search.

  • cpeMatchString (str) – CPE match string search.

  • cves (bool True) – Return vulnerabilities. Warning: This parameter may return a large number of results, causing delays.

  • limit (int) – Limits the number of results of the search.

  • key (str) – NVD API Key. Allows for a request every 0.6 seconds instead of 6 seconds.

  • verbose (bool) – Prints the URL request for debugging purposes.

class nvdlib.classes.CPE(dict)

JSON dump class for CPEs

Variables
  • name (str) – CPE URI name

  • title (str) – The first title result of the CPE.

  • deprecated (bool) – Indicates whether CPE has been deprecated

  • cpe23Uri (str) – The CPE name

  • lastModifiedDate – CPE modification date

  • titles (dict) – Human-readable CPE titles

  • refs (dict) – Reference links.

  • deprecatedBy – If deprecated=true, one or more CPEs that replace this one

  • vulnerabilities (list) – Optional vulnerabilities associated with this CPE. Must use the ‘cves=True’ argument in searchCPE.

CPE Search Examples

Filter for a partial cpeMatchString for Microsoft Exchange 2013, return all the vulnerabilities for said matching CPEs, and print their CVE IDs.

Note

CVEs returned using searchCPE do not contain details and are only the ID.

r = nvdlib.searchCPE(cpeMatchString='cpe:2.3:a:microsoft:exchange_server:2013:', cves=True, key='xxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxx')
for eachCPE in r:
    for eachVuln in eachCPE.vulnerabilities:
        print(eachVuln)

Filter for CPE names modified between 2019-01-01 and 2021-01-01 with the keyword PHP.

Note

The range between modStartDate and modEndDate can be at most 120 days.
len(r) will return how many CPE entries were found in the result.

r = nvdlib.searchCPE(modStartDate='2019-01-01 00:00', modEndDate='2020-01-01 00:00', keyword='PHP')
print(len(r))

5992
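
The parameter list caps a modification-date range at 120 days, so a longer period has to be queried in pieces. The following is an added example, not part of nvdlib or the original page: the helper names date_windows and search_cpe_range are hypothetical, and it assumes the 'YYYY-MM-DD HH:MM' date format shown in the parameter list and the name attribute of the CPE class.

```python
from datetime import datetime, timedelta

NVD_FMT = '%Y-%m-%d %H:%M'       # date format shown in the parameter list
MAX_RANGE = timedelta(days=120)  # documented maximum modStartDate..modEndDate span


def date_windows(start, end, max_range=MAX_RANGE):
    """Split [start, end] into consecutive windows no longer than max_range.

    Returns a list of (modStartDate, modEndDate) string pairs.
    """
    begin = datetime.strptime(start, NVD_FMT)
    finish = datetime.strptime(end, NVD_FMT)
    if finish <= begin:
        raise ValueError('modEndDate must be later than modStartDate')
    windows = []
    while begin < finish:
        stop = min(begin + max_range, finish)
        windows.append((begin.strftime(NVD_FMT), stop.strftime(NVD_FMT)))
        begin = stop
    return windows


def search_cpe_range(start, end, search=None, **filters):
    """Run one searchCPE call per window and merge the results by CPE name.

    `search` defaults to nvdlib.searchCPE; any callable taking the same
    keyword arguments can be passed instead (useful for offline testing).
    Extra keyword arguments (keyword, key, ...) are forwarded unchanged.
    """
    if search is None:
        import nvdlib  # imported lazily so date_windows works without it
        search = nvdlib.searchCPE
    seen = {}
    for mod_start, mod_end in date_windows(start, end):
        for cpe in search(modStartDate=mod_start, modEndDate=mod_end, **filters):
            # Adjacent windows share a boundary timestamp, so a CPE could be
            # returned twice; keep the first copy only.
            seen.setdefault(cpe.name, cpe)
    return list(seen.values())


if __name__ == '__main__':
    # Constructed input: a one-year range, which becomes four windows.
    for window in date_windows('2019-01-01 00:00', '2020-01-01 00:00'):
        print(window)
```

Each window is a separate request, so the rate limits described in the first note apply per window.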