- Joined
- Jan 8, 2019
- Messages
- 56,608
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,454
- Points
- 2,313
- Credits
- 32,600
6 Years of Service
76%
OpenCVE
OpenCVE (formerly known as Saucs) is a platform that alerts you about new vulnerabilities related to the CVE list.
How does it work
OpenCVE uses the JSON feed provided by the NVD to be synchronized.
After an initial import, a background task is regularly executed to check changes in the list. If a new CVE is added, or if a change is detected, the subscribers of the related vendors and products will be alerted.
For now, the only method of notification is the mail, but we plan to add other integrations (webhooks, Slack, Jira, PagerDuty, OpsGenie…).
Changelog v1.2
This release introduces 2 new migrations:
one to create the cves_tags and users_tags tables,
the other to add GIN indexes on cves.summary and cves.cve_id columns.
The GIN indexes is part of the pg_trgm module of PostgreSQL. The opencve upgrade-db command will enable it for you, but you can also do it yourself if you prefer (CREATE EXTENSION pg_trgm). From PostgreSQL 13 this module is considered as trusted, meaning it can be installed by non-superusers with the CREATE privilege.
These indexes act on common and widely used columns, so we recommend you to stop the workers (web & celery) during the upgrade.
Added
Improved search functionality on /cve
Add GIN indexes on cves.summary and cves.cve_id
New API Endpoint (user subscriptions)
Add the tags feature
Fixed
trim() the text of the ‘Subscribe’ button
CVE can be filtered by CWE and vendor in the same query
Default tag color wasn’t correctly handled