cveVendorScore is a small CLI script that pulls vendor-provided severity / CVSS details for a given CVE and prints them in a single PrettyTable so you can quickly compare how different sources score the same vulnerability.
This is to get CVE severity and vector from different vendors such as Ubuntu, RHEL, AmazonLinux, and CISAADP
Currently the script queries:
- Red Hat (RHEL Security Data API)
- Ubuntu (Ubuntu CVE JSON endpoint)
- Amazon Linux (ALAS / Amazon Linux Advisory Service JSON)
- CISA ADP (CISA vulnrichment repository JSON, including exploitation metadata)
Output columns: Source, CVE, Severity, Score, Vector, ECM
(ECM is populated from CISA ADP when available.)
- Python 3.x
- Python packages:
beautifulsoup4(currently imported; not required by the code paths shown, but safe to install)prettytablerequests
Install dependencies:
python3 -m pip install requests beautifulsoup4 prettytable