Skip to content

matthesvoss/CVE-Insight

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

134 Commits
backend
backend
 
 
frontend
frontend
 
 
images
images
 
 
nginx
nginx
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
compose.dev.yaml
compose.dev.yaml
 
 
compose.yaml
compose.yaml
 
 

Repository files navigation

CVE Insight

CVE Insight Dashboard

Installation

Prerequisites

Configure environment variables

  1. Rename .env.example to .env
  2. Request an API key from the NVD
  3. Edit POSTGRES_PASSWORD and NVD_API_KEY in .env

Start the application

Build and start all services:

docker compose up -d --build

Without rebuilding images:

docker compose up -d

Database migrations run automatically on container startup. The web application is available on port 8000 of your host machine.

Data synchronization

CVE, CWE, EPSS and NVD source data is kept up to date by the scheduler service, which runs nightly at 02:00 Europe/Berlin. It skips any source that has already been synced today (or this week, for CWEs).

To trigger an immediate sync on scheduler startup, set the following in .env (default is false):

SYNC_ON_STARTUP=true

To disable the scheduler entirely (default is true):

SCHEDULER_ENABLED=false

Manual fetching

To trigger a manual full sync (sources → CWEs → CVEs → EPSS), run the sync job on the scheduler container. It applies the same already-synced-today/this-week guards as the nightly run:

docker compose up -d scheduler

docker compose exec scheduler python -m app.jobs.sync

To fetch individual data sources, start the backend service and run the relevant job:

docker compose up -d backend

Fetch NVD sources:

docker compose exec backend python -m app.jobs.fetch_sources

Fetch CWE descriptions:

docker compose exec backend python -m app.jobs.fetch_cwes --no-images

Fetch some CVEs:

docker compose exec backend python -m app.jobs.fetch_cves --limit 100 \
  --pub-start 2024-12-22T00:00:00 \
  --pub-end 2025-02-22T00:00:00

Fetch all CVEs modified since the last sync:

docker compose exec backend python -m app.jobs.fetch_cves --incremental

Fetch EPSS scores:

docker compose exec backend python -m app.jobs.fetch_epss

Inspect data

docker compose exec postgres sh -lc \
'psql -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c \
"SELECT id, epss_score, published_at, actively_exploited, cvss_base_score \
FROM cves ORDER BY published_at DESC LIMIT 10;"'

Or use the pgAdmin interface in the development environment.

Stopping

docker compose down

Updating

Update repository and docker images:

git pull && docker compose pull

Then recreate the containers:

docker compose up -d --build --force-recreate

Development environment

First uncomment and edit the pgAdmin section in .env, then run:

docker compose -f compose.yaml -f compose.dev.yaml up --watch

The pgAdmin interface is available at localhost:8888 and the API docs at localhost:8080/docs.

To stop the development environment:

docker compose -f compose.yaml -f compose.dev.yaml down

Troubleshooting

View logs

docker compose logs -ft frontend
docker compose logs -ft backend
docker compose logs -ft scheduler
docker compose logs -ft postgres

Check container status

docker compose ps

About

A webapp showing current cybersecurity vulnerabilities and making them understandable for non-technical users.

Topics

python docker redis security typescript nextjs postgresql vulnerabilities cve nvd cwe fastapi epss

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages