It’s been released. Use this with NIST::NVD 1.00.00 and you will be able to perform immediate look-ups of CVE and CWE data given a CPE URN. For instance:
cjac@foxtrot:/usr/src/git/f5/NIST-NVD-Store-SQLite3$ perl Makefile.PL ; make ; make test ; cjac@foxtrot:/usr/src/git/f5/NIST-NVD-Store-SQLite3$ perl -MNIST::NVD::Query -MData::Dumper -e '
$q = NIST::NVD::Query->new(store => q{SQLite3},database => q{t/data/nvdcve-2.0.db});
$cve_list = $q->cve_for_cpe( cpe => q{cpe:/a:microsoft:ie:7.0.5730.11} );
print Data::Dumper::Dumper { cve_list => $cve_list, first_cvss => $q->cve( cve_id => $cve_list->[0] )->{q{vuln:cvss}} }
'
$VAR1 = {
'cve_list' => [
'CVE-2002-2435',
'CVE-2010-5071'
],
'first_cvss' => {
'cvss:base_metrics' => {
'cvss:confidentiality-impact' => 'PARTIAL',
'cvss:score' => '4.3',
'cvss:authentication' => 'NONE',
'cvss:access-vector' => 'NETWORK',
'cvss:source' => 'http://nvd.nist.gov',
'cvss:generated-on-datetime' => '2011-12-08T06:47:00.000-05:00',
'cvss:availability-impact' => 'NONE',
'cvss:integrity-impact' => 'NONE',
'cvss:access-complexity' => 'MEDIUM'
}
}
};
https://metacpan.org/release/CJCOLLIER/NIST-NVD-Store-SQLite3-1.00.00
PlanetMySQL Voting: Vote UP / Vote DOWN