Web application for analyzing CVE vulnerabilities using NIST NVD API. Built with Flask, Bootstrap, and modern security practices.

striker363/CVE-Insight-Tool

API Endpoints

  • GET /health - Health check endpoint for monitoring
  • GET /api/analyze/<cve_id> - Get detailed CVE analysis
  • GET /api/search - Search CVEs with filters
  • GET /api/recent - Get recent CVEs

Project Structure

├── app.py                          # Main Flask application with health endpoint
├── config.py                       # Enhanced configuration with Flask settings
├── run_webapp.py                   # Production-ready application launcher
├── requirements.txt                # Pinned Python dependencies
├── .github/workflows/keepalive.yml # GitHub Actions keep-alive workflow
├── api/                           # NVD API client
├── models/                        # Data models
├── services/                      # Business logic
├── templates/                     # HTML templates
├── static/                        # CSS, JS, images
└── utils/                         # Utility functions

Production Features

  • Health Monitoring: /health endpoint for uptime monitoring
  • Rate Limiting: Configurable request rate limiting
  • Session Management: Secure session handling with environment-based secrets
  • Caching: Built-in Flask caching for improved performance
  • Auto Keep-Alive: GitHub Actions workflow prevents app sleeping
  • Environment Configuration: Production-ready environment variable support

CVE Insight Tool

A web application for analyzing CVE (Common Vulnerabilities and Exposures) data using the NIST NVD API.

🌐 Live Demo: https://cve-insight-tool.onrender.com

Features

  • Search and analyze individual CVEs
  • Browse recent vulnerabilities with filtering
  • Export analysis results
  • Clean, responsive web interface
  • Real-time data from NIST NVD API v2.0
  • Health monitoring with automatic keep-alive
  • Production-ready deployment configuration

Screenshots

📊 Dashboard

Main overview with quick access to all features and recent activity summary.

🔍 CVE Analysis

Detailed vulnerability analysis with CVSS metrics, affected products, and comprehensive information.

🔎 Search CVEs

Advanced search functionality with keyword, product, and severity filtering.

⏰ Recent CVEs

Browse the latest published vulnerabilities with pagination and real-time filtering.

📋 Bulk Analysis

Process multiple CVEs simultaneously for comprehensive risk assessment.

📚 Session History

Track and review all analyzed CVEs during your session with detailed statistics.

Installation & Deployment

Local Development

  1. Clone the repository
  2. Install dependencies:
    pip install -r requirements.txt
  3. Run the application:
    python run_webapp.py
  4. Open http://localhost:5000 in your browser

Production Deployment (Render)

  1. Fork this repository
  2. Connect to Render
  3. Create new Web Service from your fork
  4. Configure:
    • Runtime: Python 3
    • Build Command: pip install -r requirements.txt
    • Start Command: python run_webapp.py
  5. Set environment variables:
    • FLASK_SECRET_KEY: Random 32+ character string
    • NVD_API_KEY: Your NIST API key (optional but recommended)

Keep-Alive (GitHub Actions)

The repository includes a GitHub Actions workflow that automatically keeps the Render app awake by pinging the health endpoint every 10 minutes.

Configuration

Environment Variables

# Required for production
export FLASK_SECRET_KEY="your_secure_secret_key_here"

# Optional but recommended for higher rate limits
export NVD_API_KEY="your_api_key_here"

Get a free NVD API key at: https://nvd.nist.gov/developers/request-an-api-key
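
A startup check for the two variables above, as an added example that is not code from this repository: it refuses to start in production when FLASK_SECRET_KEY is missing, still the README placeholder, or shorter than 32 characters. The names load_settings and generate_secret_key and the chosen session cookie values are assumptions.

```python
import secrets

# Placeholder values copied from the README's export lines.
PLACEHOLDERS = {"your_secure_secret_key_here", "your_api_key_here"}
MIN_SECRET_LEN = 32  # the README asks for a random 32+ character string


def generate_secret_key() -> str:
    """Return a URL-safe random key (43 characters from 32 random bytes)."""
    return secrets.token_urlsafe(32)


def load_settings(env, production=True):
    """Build Flask settings from an environment mapping, failing closed.

    Hypothetical helper: a launcher would pass os.environ as `env`.
    """
    key = env.get("FLASK_SECRET_KEY", "").strip()
    if production:
        if not key:
            raise RuntimeError("FLASK_SECRET_KEY is not set")
        if key in PLACEHOLDERS:
            raise RuntimeError("FLASK_SECRET_KEY is still the README placeholder")
        if len(key) < MIN_SECRET_LEN:
            raise RuntimeError("FLASK_SECRET_KEY is shorter than 32 characters")
    elif not key:
        # Development only: sessions are invalidated on every restart.
        key = generate_secret_key()

    api_key = env.get("NVD_API_KEY", "").strip()
    if api_key in PLACEHOLDERS:
        api_key = ""  # treat the placeholder as "no key configured"

    return {
        "SECRET_KEY": key,                  # signs the Flask session cookie
        "SESSION_COOKIE_SECURE": production,  # HTTPS-only cookie in production
        "SESSION_COOKIE_HTTPONLY": True,
        "SESSION_COOKIE_SAMESITE": "Lax",
        "NVD_API_KEY": api_key or None,
    }
```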

Usage

Single CVE Analysis

Enter a CVE ID (e.g., CVE-2021-44228) to get detailed information including:

  • CVSS scores and severity
  • Affected products
  • Reference links
  • Vulnerability description
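
Because the CVE ID typed here (or passed to /api/analyze/<cve_id>, or pasted into Bulk Analysis) ends up in an outbound NVD API v2.0 request, it should be validated strictly first. The sketch below is an added example, not the project's own code; the function names, the MAX_BULK cap and the sample input are assumptions, and it goes slightly beyond the single-ID case to cover bulk input.

```python
import re
from urllib.parse import urlencode

NVD_CVE_URL = "https://services.nvd.nist.gov/rest/json/cves/2.0"
# "CVE-" + 4-digit year + "-" + at least 4 digits; ASCII digits only.
CVE_RE = re.compile(r"CVE-([0-9]{4})-([0-9]{4,19})", re.IGNORECASE)
MAX_BULK = 50  # assumed cap on IDs per bulk request


def normalize_cve_id(raw):
    """Return the canonical upper-case ID or raise ValueError."""
    candidate = raw.strip()
    m = CVE_RE.fullmatch(candidate)  # fullmatch: no trailing path or query text
    if not m or int(m.group(1)) < 1999:  # CVE numbering starts in 1999
        raise ValueError(f"not a CVE ID: {candidate[:40]!r}")
    return f"CVE-{m.group(1)}-{m.group(2)}"


def parse_bulk(text):
    """Split pasted text into (unique valid IDs in order, rejected tokens)."""
    valid, rejected = [], []
    for token in re.split(r"[\s,;]+", text.strip()):
        if not token:
            continue
        try:
            cve = normalize_cve_id(token)
        except ValueError:
            rejected.append(token)
            continue
        if cve not in valid:
            valid.append(cve)
    if len(valid) > MAX_BULK:
        raise ValueError(f"too many CVE IDs ({len(valid)} > {MAX_BULK})")
    return valid, rejected


def build_nvd_request(cve_id, api_key=None):
    """Return (url, headers) for one CVE lookup; the key goes in a header."""
    cve = normalize_cve_id(cve_id)
    headers = {"apiKey": api_key} if api_key else {}
    return f"{NVD_CVE_URL}?{urlencode({'cveId': cve})}", headers
```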

Search CVEs

Search by keywords, product names, or filter by:

  • Severity level
  • Date range
  • Maximum results

Recent CVEs

Browse recently published vulnerabilities with pagination and filtering options.

Project Structure

├── app.py              # Main Flask application
├── config.py           # Configuration settings
├── run_webapp.py       # Application launcher
├── requirements.txt    # Python dependencies
├── api/               # NVD API client
├── models/            # Data models
├── services/          # Business logic
├── templates/         # HTML templates
├── static/            # CSS, JS, images
└── utils/             # Utility functions

Dependencies

  • Flask - Web framework with enhanced production configuration
  • Flask-Limiter - Rate limiting for web requests
  • Flask-Caching - Response caching for improved performance
  • Requests - HTTP client for NVD API communication
  • Python-dateutil - Date parsing and manipulation
  • Rich - Enhanced console formatting
  • Colorama - Cross-platform terminal colors

Monitoring & Uptime

The application includes several monitoring features:

  • Health check endpoint (/health) returns JSON status
  • GitHub Actions workflow pings the app every 10 minutes
  • Render's built-in health monitoring
  • Request logging and error tracking

License

MIT License