Workflow

Elf

Latest version: v0.1.0

Safety actively analyzes 723217 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

0.1.0

This is the first release of **ELF (Exposure Lookup Framework)**, a modern Python library designed for seamless integration with vulnerability data sources such as CISA KEV, FIRST EPSS, and NIST NVD.

🎉 What's New
- **CISA KEV Support:**
- Fetch Known Exploited Vulnerabilities (KEV) catalog as JSON or CSV.
- Paginate KEV data for large datasets.

- **FIRST EPSS Integration:**
- Query EPSS scores for specific CVEs.
- Download EPSS full data as CSV.
- Sort CVEs by EPSS score or percentile.

- **NIST NVD API Support:**
- Retrieve CVE details and search vulnerabilities by CPE name or CVSS score.
- Fetch change history for CVEs.
- Support for API key authentication for higher limits.

📚 Examples
- Retrieve the top CVEs with the highest EPSS scores:
python
import asyncio

from elf import FirstEpssApiClient, FirstEpssOrderOption


async def fetch_highest_epss_scores():
async with FirstEpssApiClient() as client:
response = await client.get_cves(order=FirstEpssOrderOption.EPSS_DESC, limit=5)
for record in response.data:
print(
f"CVE: {record.cve}, Score: {record.epss}, Percentile: {record.percentile}"
)


asyncio.run(fetch_highest_epss_scores())


- Search NVD for high-severity vulnerabilities for Windows:
python
import asyncio
from datetime import datetime

from elf.sources.nist_nvd.client import NistNvdApiClient


async def search_nvd():
async with NistNvdApiClient() as client:
async for page in client.search_cves(
cpe_name="cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
cvss_v3_severity="HIGH",
pub_start_date=datetime(2023, 1, 1),
pub_end_date=datetime(2023, month=1, 31),
):
for vuln in page.vulnerabilities:
print(f"CVE ID: {vuln.cve.id}, Published: {vuln.cve.published}")


asyncio.run(search_nvd())


- Fetch all CISA KEV vulnerabilities:
python
import asyncio

from elf import CisaKevApiClient


async def fetch_kev_vulnerabilities():
async with CisaKevApiClient() as client:
kev_data = await client.get_kev_json()
print(f"Catalog Version: {kev_data.catalog_version}")
print(f"Total Vulnerabilities: {kev_data.count}")


asyncio.run(fetch_kev_vulnerabilities())


🚀 Getting Started
- Install the library via `pip`:
bash
pip install elf


- Check out the full documentation and examples in the [README](https://github.com/TypeError/elf).

📝 Notes
- Remember to configure your NIST NVD API key for enhanced rate limits.
- This is the initial release; feedback and contributions are welcome!

Links

Releases

Has known vulnerabilities

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.