- This is a docker container for the CVE-Search tool.
- Port 5000 is exposed for web interface.
- The initial import of database takes over 6 hours to get going on a reasonably specced machine
- This fork of the original repo is based on an Ubuntu 18.04 LTS (Bionic) image so supports Python 3.6 which is required for CVE Search nowadays
sudo docker build -t cve-search .
sudo docker run -d -p 5000:5000 --name cve cve-search
# Note: To restrict the CVE since 2022 only, instead of 2002, use Dockerfile.since2022
# sudo docker build -t cve-search:since2022 -f ./Dockerfile.since2022 .
# sudo docker run -d -p 5000:5000 --name cve cve-search:since2022
# The container execute the following commands by itself on boot:
sudo docker exec -it cve /bin/bash
cd /opt/cve/
./sbin/db_mgmt_cpe_dictionary.py
./sbin/db_mgmt_json.py -p
./sbin/db_updater.py -c
./sbin/db_mgmt_ref.py
./sbin/db_cpe_browser.py
- The database will be downloaded when the container is first launched, this can take some time.
- You can then run, for example
docker exec -it [CONTAINER] search.py -f nagios -n
or other scripts provided by cve-search to interact with the database. - Use
docker exec -it [CONTAINER] cvedb -u
to update the database. - Most importantly, you can use the WEB INTERFACE at port 5000 (or whatever you exposed)
This flavour will save you a lot of time when booting, as it will run immediately the web server, while starting a DB update as a background task. This means that the server will be available right now, but the data will be the one of the last snapshot until the update procedure complete. The background update can take some 2 or 3 minutes to complete while the full DB initialization from scratch takes around 2 or 3 hours.
withdb flavour will load all CVE from 2002 while withdb2022 will load only CVE from 2022 and above.
# To load all the CVE since 2002:
sudo docker build -t cve-search:withdb -f ./Dockerfile.withdb .
sudo docker run -d -p 5000:5000 --name cve cve-search:withdb
# To load only CVE since 2022:
sudo docker build -t cve-search:withdb2022 -f ./Dockerfile.withdb2022 .
sudo docker run -d -p 5000:5000 --name cve cve-search:withdb2022
# The container execute the following commands as background tasks by itself on boot:
sudo docker exec -it cve /bin/bash
cd /opt/cve/
./sbin/db_updater.py -v &
./sbin/db_cpe_browser.py &
The admin pages are not available in the default docker build, as the LoginRequired config flag is set to True and no admin user is defined by default.
To activate admin pages, either:
- Follow the procedure to add a user admin here
- or (for dev purpose only!) allow admin pages without login by setting
LoginRequired: False
in/opt/cve/etc/configuration.ini
This fork is based on the work of (latest updated first):
- https://github.com/digitalshadows/docker-cve-search
- https://github.com/ttimasdf/docker-cve-search
- https://github.com/leojcollard/cve-search-docker
There is an official repository created to host such a docker code at https://github.com/cve-search/CVE-Search-Docker. At this time of july 2020, this repository is empty and cannot be forked to propose pull requests.
Until the official repository is up and running, feel free to propose any PR here or to link me to another official repository.