Bug#1034575: ITP: cve-bin-tool -- The CVE Binary Tool is a free, open source tool to help you find known vulnerabilities in software, using data from the National Vulnerability Database (NVD) list of Common Vulnerabilities and Exposures (CVEs).
Package: wnpp
Severity: wishlist
Owner: jarebear6expepjozn6rakjq5iczi3irqwphcvbswgkahd6b6twnxxid <jarebear6expepjozn6rakjq5iczi3irqwphcvbswgkahd6b6twnxxid@4xvk.com>
X-Debbugs-Cc: debian-devel@lists.debian.org, jarebear6expepjozn6rakjq5iczi3irqwphcvbswgkahd6b6twnxxid@4xvk.com
* Package name : cve-bin-tool
Version : 3.2.0
Upstream Author : Teri Oda <terri.oda@intel.com>
* URL : https://github.com/intel/cve-bin-tool
* License : GPL
Programming Lang: Python
Description : The CVE Binary Tool is a free, open source tool to help you find known vulnerabilities in software, using data from the National Vulnerability Database (NVD) list of Common Vulnerabilities and Exposures (CVEs).
The tool has two main modes of operation:
A binary scanner which helps you determine which packages may have been included as part of a piece of software. There are 288 checkers which focus on common, vulnerable open source components such as openssl, libpng, libxml2 and expat.
Tools for scanning known component lists in various formats, including .csv, several linux distribution package lists, language specific package scanners and several Software Bill of Materials (SBOM) formats.
It is intended to be used as part of your continuous integration system to enable regular vulnerability scanning and give you early warning of known issues in your supply chain.
Reply to: