CVE or Not

A toy app that allows you to easily traverse the current NVD CVE list and collect your results.

Why?

Let's pretend that one of your tasks for the week is to go through the most recent list of all CVEs that have been loaded into NVD.

Let's also pretend you aren't using any of the myriad services that help you with this, including those that do so in a much more reliable way that you ever will just skimming skimming these (as in, services that scan dependencies of dependencies, scan your docker images, etc).

Or maybe let's pretend you ARE using such a service, but you still want to skim the CVEs regularly.

You could just, like, read the list. Or you could use this thing.

What?

CVE or Not is a simple React app that fetches all the most recent CVEs from the NVD XML feed and presents them to you one at a time. You either save it or skip it. Once you are done, a list of your "matches" will be provided so you can do whatever you need to with them.

Keyboard Shortcuts

The buttons jump around a lot because I'm lazy and don't want to fix it. The buttons were never intended to be the main interaction point anyway.

• Skip to Next: Space or Right Arrow
• Save CVE: Enter, Control, or Left Arrow
• Undo/Go Back: Escape or Up Arrow

Is it any good?

Probably not.

License

MIT