Will allow for queries like (joining CVES and CWES):
SELECT
v.published_date,
v.cve_id,
v.cwe_id,
v.cvss_score,
v.vendor,
v.product,
v.status,
v.description,
w.description AS cwe_description,
v.last_modified_date
FROM "cves://" AS v
LEFT JOIN "cwes://" AS w ON v.cwe_id = w.cwe_id
where v.vendor = "apache" and v.product = "superset"
Still missing tests, tell me if this sounds interesting to you @betodealmeida, or if it makes sense to add it directly to shillelagh
Summary
New adapter proposal to support CVE, CPES and CWEs from NVD as a datasource.
Will consume 2 REST API endpoints from NVD, more details here: https://nvd.nist.gov/developers
for the CVES: https://nvd.nist.gov/developers/vulnerabilities for the CPES: https://nvd.nist.gov/developers/products
Will allow for queries like (joining CVES and CWES):
Still missing tests, tell me if this sounds interesting to you @betodealmeida, or if it makes sense to add it directly to
shillelagh
Testing instructions