Search the Community

OpenCVE OpenCVE (formerly known as Saucs) is a platform that alerts you about new vulnerabilities related to the CVE list. How does it work OpenCVE uses the JSON feed provided by the NVD to be synchronized. After an initial import, a background task is regularly executed to check changes in the list. If a new CVE is added, or if a change is detected, the subscribers of the related vendors and products will be alerted. For now, the only method of notification is the mail, but we plan to add other integrations (webhooks, Slack, Jira, PagerDuty, OpsGenie…). Changelog v1.2 This release introduces 2 new migrations: one to create the cves_tags and users_tags tables, the other to add GIN indexes on cves.summary and cves.cve_id columns. The GIN indexes is part of the pg_trgm module of PostgreSQL. The opencve upgrade-db command will enable it for you, but you can also do it yourself if you prefer (CREATE EXTENSION pg_trgm). From PostgreSQL 13 this module is considered as trusted, meaning it can be installed by non-superusers with the CREATE privilege. These indexes act on common and widely used columns, so we recommend you to stop the workers (web & celery) during the upgrade. Added Improved search functionality on /cve Add GIN indexes on cves.summary and cves.cve_id New API Endpoint (user subscriptions) Add the tags feature Fixed trim() the text of the ‘Subscribe’ button CVE can be filtered by CWE and vendor in the same query Default tag color wasn’t correctly handled [hide][Hidden Content]]