gsd-tools VS cvelistV5

Compare gsd-tools vs cvelistV5 and see what are their differences.

gsd-tools

Global Security Database Tools (by CloudSecurityAlliance)
Suggest topics
Source Code
gsd.id
Suggest alternative
Edit details

cvelistV5

CVE cache of the official CVE List in CVE JSON 5.0 format (by CVEProject)
Suggest topics
Source Code
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
gsd-tools cvelistV5
1 5
39 494
- 17.0%
6.9 4.8
5 months ago 3 days ago
Python
Apache License 2.0 -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

gsd-tools

Posts with mentions or reviews of gsd-tools. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-04-17.
  • Rage about CVE dataset quality(?)
    6 projects | /r/cybersecurity | 17 Apr 2022
    SQL won't prevent data errors any more than using JSON, you can have schema validation and the exact same data validation tooling, which we'd be more than happy to have, if you want to build this simply submit PR's against the tools repo: https://github.com/cloudsecurityalliance/gsd-tools

cvelistV5

Posts with mentions or reviews of cvelistV5. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-08-24.
  • Maccarone: AI-managed code blocks in Python
    2 projects | news.ycombinator.com | 24 Aug 2023
    We, as an industry, didn't stop shipping bugs. (Small example: https://github.com/CVEProject/cvelistV5/releases)

    And that thorough code review prevents bugs is, at best, a debatable assertion. See e.g. https://www.microsoft.com/en-us/research/publication/code-re...

    It finds _some_ bugs. CI/CD, and a massive investment in automated testing has probably had the largest impact in moving software quality forward. (See e.g. "Accelerate", Forsgren, Humble & Kim)

    Code review is an excellent tool to socialize knowledge and train up more junior engineers, but in terms of preventing bugs, it's low-value.

  • "Mirror" of the soon to be deprecated NIST NVD CVE Feeds
    4 projects | /r/netsec | 22 May 2023
    There seems to be new repository in a new JSON format: https://github.com/CVEProject/cvelistV5
  • Please don't use GPT for Security Guidance
    1 project | news.ycombinator.com | 6 Apr 2023
    Meanwhile, over here, I just stare at https://github.com/CVEProject/cvelistV5 and mumble "any reasonable dev, front of mind".
  • On the uselessness of MITRE's CVE List
    1 project | /r/cybersecurity | 29 Apr 2022
    The issues I filed in the cvelistV5 repo are also unanswered, so I guess nobody gives a damn.
  • Rage about CVE dataset quality(?)
    6 projects | /r/cybersecurity | 17 Apr 2022
    118955 entries don't even have an affected vendor/product software field, and neither with a valid version string and/or condition. They only contain plaintext descriptions and no version matching field either. Filed an issue here about it.

What are some alternatives?

When comparing gsd-tools and cvelistV5 you can also consider the following projects:

cve-schema - This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published here. This repository is managed by the CVE Quality Working Group.

opencve - CVE Alerting Platform

Loki - Loki - Simple IOC and YARA Scanner

maccarone - AI-managed code blocks in Python ⏪⏩

cvelist - Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023

gsd-tools vs cve-schema cvelistV5 vs opencve gsd-tools vs Loki cvelistV5 vs maccarone gsd-tools vs cvelist cvelistV5 vs Loki gsd-tools vs opencve cvelistV5 vs cve-schema cvelistV5 vs cvelist