User’s guide#


This guide is in the making.

NVD datasets#

Our tool matches certificates to their possible CVEs using datasets downloaded from National Vulnerability Database (NVD). If you’re fully processing the CCDataset or FIPSDataset by yourself, you must somehow obtain the NVD datasets.

Our tool can seamlessly download the required NVD datasets when needed. We support two download mechanisms:

  1. Fetching datasets with the NVD API (preferred way).

  2. Fetching snapshots from

The following two keys control the behaviour:

preferred_source_nvd_datasets: "api" # set to "sec-certs" to fetch them from
nvd_api_key: null # or the actual key value

If you aim to fetch the sources from NVD, we advise you to get an NVD API key and set the nvd_api_key setting accordingly. The download from NVD will work even without API key, it will just be slow. No API key is needed when preferred_source_nvd_datasets: "sec-certs"