vFeed Framework is a CVE, CWE and OVAL Compatible naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML/JSON schema. It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other standards and security references.

Changelog ver. 0.6.8

• Added support to CAPEC version 2.8. Check about CAPEC v2.8.
• Added support to CWE v2.9. Check the full changelog.
• Added mapping to WASC v2.0 Threat Classification.
• Added CVSS v2.0 vectors to risk.py class. Now, the methods get_cvss and get_severity display the vector when available.
• Added new method get_wasc to reflect the new mapping with WASC v2.0. The method returns ID, Title and URL when available.
• Modified the method get_capec to return the following:
  • The title
  • Method of Attacks
  • Mitigations
• Reflected the changes in cvsexports.sql MongoDB script to generate the new added tables.
• vFeed.db the correlated vulnerability & threat database fully regenerated to support the new changes.
• Documentation updated accordingly.

NOTE: Some code was cleaned. Nevertheless, the issues reported here will be fixed in next minor version.

[idz_ui_button color=”blue” size=”small” label=”Download” icon=”smico-cloud-down” link=”https://github.com/toolswatch/vfeed” target=”_self” type=”round” class=””]