The Global CVE (GCVE) allocation system is a new, decentralized approach to vulnerability identification and numbering, designed to improve flexibility, scalability, and autonomy for participating entities.
This client can be integrated into software such as Vulnerability-Lookup to provide core GCVE functionalities by adhering to the Best Current Practices.
It can also be used as a standalone command-line tool.Examples of usage
As a command line tool
First install the gcve client:
$ python -m pip install --user pipx $ python -m pipx ensurepath $ pipx install gcve installed package gcve 0.6.0, installed using Python 3.13.0 These apps are now globally available - gcve done! ✨ 🌟 ✨Pulling the registry locally
$ gcve registry --pull Pulling from registry... Downloaded updated https://gcve.eu/dist/key/public.pem to data/public.pem Downloaded updated https://gcve.eu/dist/gcve.json.sigsha512 to data/gcve.json.sigsha512 Downloaded updated https://gcve.eu/dist/gcve.json to data/gcve.json Integrity check passed successfully.Retrieving a GNA
Note: This operation is case sensitive.
$ gcve registry --get CIRCL { "id": 1, "short_name": "CIRCL", "cpe_vendor_name": "circl", "full_name": "Computer Incident Response Center Luxembourg", "gcve_url": "https://vulnerability.circl.lu/", "gcve_api": "https://vulnerability.circl.lu/api/", "gcve_dump": "https://vulnerability.circl.lu/dumps/", "gcve_allocation": "https://vulnerability.circl.lu/", "gcve_sync_api": "https://vulnerability.circl.lu/" } $ gcve registry --get CIRCL | jq .id 1Searching the Registry
Note: Search operations are case insensitive.
$ gcve registry --find cert [ { "id": 680, "short_name": "DFN-CERT", "full_name": "DFN-CERT Services GmbH", "gcve_url": "https://adv-archiv.dfn-cert.de/" } ]More information in the Git repository.
You must log in or register to comment.