Workflow

Nvdlib

Latest version: v0.7.9

Safety actively analyzes 701735 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 4

0.7.9

-------------------
**Enhancements**
- Added missing CVSS 3.0 data for `attackVector`, `attackComplexity`, `privilegesRequired`, `userInteraction`, `scope`, `confidentialityImpact`, `integrityImpact`, and `availabilityImpact` as reported from https://github.com/vehemont/nvdlib/issues/48
- Added basic CVSS 4.0 data: `v40score`, `v40vector`, and `v40severity` in CVEs.
- Merged https://github.com/vehemont/nvdlib/pull/49 and https://github.com/vehemont/nvdlib/pull/50 to add more type hints and also fixes the MatchString search. Courtesy of LachJones.
- Increased minimum required Python version to `3.11` or later from Python 3.8.3. This opens up some cooler features and fixed a compatibility issue with `LiteralString` not being available until 3.11.

0.7.8

-------------------
**Enhancements**
- Merged https://github.com/vehemont/nvdlib/pull/44
- Updated delay parameter to a float.
- Removed verbose in favor of the Python logging module.

To try out the new logging addition, try the simple logger configuration below. It will create a file named "example_NVDLib.log" and will log NVDLib and Requests actions into the file. Syntax errors/HTTP server errors are logging level of "error", URLs requested (similar output to the previous `verbose` parameter) are set to "debug".

import logging
import nvdlib

logging.basicConfig(filename='example_NVDLib.log', encoding='utf-8', level=logging.DEBUG)
r = nvdlib.searchCVE(keywordSearch="Microsoft")

0.7.7

-------------------
**Bugfixes**
- Fix cwe attr in CVE by jobselko in https://github.com/vehemont/nvdlib/pull/39

**Enhancements**
- Added CPE Match String API with `nvdlib.searchCPEmatch`, check out the documentation at https://nvdlib.com/en/latest/v2/CPEv2.html#cpe-match-criteria-api and more information can be found at the NVD API documentation page: https://nvd.nist.gov/developers/products

Thanks to jobselko for submitting a PR to resolve the cwe bug.

0.7.6

-------------------
**Bugfixes**
- Merged 35. Fixed a CPE search not pulling all CPE matches.

**Enhancements**
- Merged 34. Added additional vars for CVEs for easy accessability.
- Still working on 32 for supporting type hints, but some have been added.

Thanks to akuster for submitting a PR for these changes.

0.7.5

-------------------
**Bugfixes**
- Merged 30. Added a check if the generator hits 403 rate limit error, instead of breaking the entire generator. Delays twice as long to ensure another 403 isn't hit.

0.7.4

-------------------

**Enhancements**
- Merged 24. Added the new functions for `searchCVE_V2` and `searchCPE_V2`. They have the same arguments as their respective counterparts (`searchCVE` and `searchCPE`), but are defined as a generator instead. Yields after each CVE conversion from the response. This is useful for systems with resource constraints.

nthunk single handedly pushed these features. Thank you.

Page 1 of 4

Links

Releases

Has known vulnerabilities

Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.