Metadata-Version: 2.1
Name: cve_checker
Version: 0.1.1
Summary: A library for checking CVE vulnerabilities in software dependencies
Home-page: https://github.com/bassemAbidi/cve_checker
Author: Bassem Abidi
Author-email: abidi.bassem@me.com
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Requires-Python: >=3.7
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: aiohttp
Requires-Dist: pyyaml
Requires-Dist: toml

# CVE Checker Library

CVE Checker is a Python library for checking Common Vulnerabilities and Exposures (CVEs) in software dependencies. It provides tools to scan dependency files, check specific packages for vulnerabilities, assess risk, and generate comprehensive reports.

## Features

- Fetch CVE data from the National Vulnerability Database (NVD)
- Scan dependency files (requirements.txt, package.json, etc.) for vulnerabilities
- Check specific packages and versions for known vulnerabilities
- Calculate risk scores based on CVSS scores and exploitability
- Generate detailed reports in JSON or HTML format
- Command-line interface for easy use

## Installation

You can install the CVE Checker Library using pip:

```
pip install cve-checker
```

For the latest version, you can install directly from the GitHub repository:

```
pip install git+https://github.com/bassemAbidi/cve_checker.git
```

## Usage

### Command-line Interface

The CVE Checker Library provides a command-line interface for quick vulnerability checks.

To check a dependency file:

```
cve_checker --dependencies path/to/requirements.txt
```

To check a specific package:

```
cve_checker --package package_name --version package_version
```

### Python API

You can also use the CVE Checker Library in your Python code:

```python
import asyncio
from cve_checker import CVEChecker

async def main():
    checker = CVEChecker()
    
    # Check dependencies
    report = await checker.check_dependencies('path/to/requirements.txt')
    print(report)
    
    # Check specific package
    report = await checker.check_package('package_name', '1.0.0')
    print(report)

asyncio.run(main())
```

## Components

The CVE Checker Library consists of several components:

1. **CVE Data Fetcher**: Fetches CVE data from the NVD API.
2. **Vulnerability Checker**: Checks specific software packages for known vulnerabilities.
3. **Dependency Scanner**: Scans project dependencies for vulnerabilities.
4. **Risk Scorer**: Calculates risk scores based on CVSS scores and exploitability.
5. **Report Generator**: Generates comprehensive reports of detected vulnerabilities.

## Contributing

Contributions to the CVE Checker Library are welcome! Please refer to the `CONTRIBUTING.md` file for guidelines on how to contribute.

## License

This project is licensed under the MIT License. See the `LICENSE` file for details.

## Changelog

### Version 0.1.1
- Updated documentation
- Minor bug fixes and improvements

### Version 0.1.0
- Initial release
- Basic functionality for CVE checking and reporting

## Contact

If you have any questions or feedback, please open an issue on the GitHub repository or contact the maintainer:

Bassem Abidi (abidi.bassem@me.com)

## PyPI Package

The CVE Checker Library is available on PyPI: [https://pypi.org/project/cve-checker/](https://pypi.org/project/cve-checker/)

[![PyPI version](https://badge.fury.io/py/cve-checker.svg)](https://badge.fury.io/py/cve-checker)
[![GitHub](https://img.shields.io/github/license/bassemAbidi/cve_checker)](https://github.com/bassemAbidi/cve_checker/blob/main/LICENSE)
